IntelliJ/JetBrains products & Log4j Impact
JetBrains has come out with a blog post on the list of products and the services that are affected by Log4j CVE-2021-44228 vulnerability. Most of the JetBrains IDEs like IntelliJ & products like TeamCity has not been affected by this vulnerability except some of their services as noted in their blogpost over here. And as of today they are still continuing to investigate to see the products that might have been affected by this vulnerability.
List of products affected:
- Code with Me
- JetBrains Account
- YouTrack Standalone
- YouTrack InCloud
- Floating license server
List of Products that were not affected
- All IntelliJ platform based IDEs
- All .NET tools
Though the blog post says setting MsgNoLookups to true will prevent this. Actually it’s not!