====== [2021.12.13] CloudBacko Advisory - Log4j vulnerability (CVE-2021-44228) ======

<html><br/><br/></html>
**Announcement date:** 2021-12-13

  * CloudBacko Pro/Home/Lite **version 4.5.4.x (and above)** <color #ed1c24>**are not vulnerable**</color> to CVE-2021-44228 (Log4j vulnerability).
<html><ul><ul>
    The version of Log4j Ahsay products bundled does not contain the JNDILookup plugin and is not one of the affected versions. Also, remote logging feature and all logging had been disabled for Log4j Logger (set to OFF) (CVE-2019-17571).
</ul></ul></html>

  * **CloudBacko Mobile App 1.6+ is not vulnerable**.


<html><br/><br/></html>