“Log4j is a popular logging library for JAVA applications. It is used for high-performance aggregation of log data from an application.”

Analysis and measures: For FELA’s applications, different toolings are used for logging. Among others also the affected Log4j library. For the services that use Log4j, we have taken all precautions and fixed the vulnerabilities. Also, all exposed components have been audited and assessed by third parties. All components used are non-critical.

Log4j vulnerability CVE-2021-44228 for JAVA applications: FELA products POIS, CarLoc and EasyDrive are protected against Log4j vulnerability

FELA Management AG