You may have learned in the last couple of days the vulnerability issue of Apache Log4j 2.

This exploit is based on the Log4j variable lookup mechanism in v2.x (related to Log4Shell / CVE-2021-44228). This feature does not exist in Log4j 1.2.x used by icCube.

For info, by default, Log4J 2.x was activating a message lookup (formatMsgNoLookups) that can be exploited when running the java code in certain JRE versions.

icCube is using a former Log4j version (1.2) that does not support the faulty lookup behavior, and therefore icCube is not impacted by this vulnerability.

 

ADDENDUM (Dec 14, 2021): Impact if JMSAppender is being used

Please note that in the specific case of having configured Log4j v1.x to use JMSAppender, then the reported vulnerability issue is in fact a potential threat with “moderate severity”. Read more: CVE-2021-4104.

icCube does not use this Log4j JMSAppender by default (you can check log4.xml file)

We’d like to kindly thank our user who has warned us about this very specific configuration.

13 Dec 2021

icCube NOT IMPACTED by the Log4j vulnerability issue if JMSAppender is inactive

You may have learned in the last couple of days the vulnerability issue of Apache Log4j 2. This exploit is based on the Log4j variable lookup...

03 Nov 2021

icCube v8: the dev2dev version

It has been quite some time since we gave some news, we were in fact preparing a substantial surprise for you, icCube v8 RC1 is...

20 Feb 2020

Want to be up-to-date with icCube's Reporting?

Not only the new icCube Server UI should have all the attention these last months! Let's make some room for the Reporting as well :) Here are two...

Happy &
Satisfied Clients

0

Clients Who Stay
With Us, Every Year

0%

Countries
Trusting Us

0

POC
Success Rate

0%

Renjin is an R JVM-based interpreter enabling the integration of R in Java solutions. The native integration of R in icCube is done thanks to Renjin.

As you may know, you can include your R code within MDX queries to give more mathematical power to your data analysis and exploration.

BeDataDriven, the company which developed Renjin, kindly proposed us to collaborate with them to produce a case study of an actual client application of R in icCube. Alongside with our longtime partner Inside Vision, a case study is now live and shows detailed R application in icCube for a client’s project.

Check out the case study here!

The R algorithm was developed by Inside Vision and included in icCube for this client’s live production system that is optimizing workflow efficiency.

Thank you both BeDataDriven and Inside Vision for this great collaboration showing an actual project under the hood using R and icCube.

13 Dec 2021

icCube NOT IMPACTED by the Log4j vulnerability issue if JMSAppender is inactive

You may have learned in the last couple of days the vulnerability issue of Apache Log4j 2. This exploit is based on the Log4j variable lookup...

03 Nov 2021

icCube v8: the dev2dev version

It has been quite some time since we gave some news, we were in fact preparing a substantial surprise for you, icCube v8 RC1 is...

20 Feb 2020

Want to be up-to-date with icCube's Reporting?

Not only the new icCube Server UI should have all the attention these last months! Let's make some room for the Reporting as well :) Here are two...

Happy &
Satisfied Clients

0

Clients Who Stay
With Us, Every Year

0%

Countries
Trusting Us

0

POC
Success Rate

0%

We have started the year by providing a 10-minute quick start video course for all our new users.

Shorten your learning curve, and start your course right now!

I want to check it out!

13 Dec 2021

icCube NOT IMPACTED by the Log4j vulnerability issue if JMSAppender is inactive

You may have learned in the last couple of days the vulnerability issue of Apache Log4j 2. This exploit is based on the Log4j variable lookup...

03 Nov 2021

icCube v8: the dev2dev version

It has been quite some time since we gave some news, we were in fact preparing a substantial surprise for you, icCube v8 RC1 is...

20 Feb 2020

Want to be up-to-date with icCube's Reporting?

Not only the new icCube Server UI should have all the attention these last months! Let's make some room for the Reporting as well :) Here are two...