All high security products from Rohde & Schwarz Cybersecurity are not affected by the Log4j vulnerability.
All products of the categories network encryption*1, endpoint security*2 and data protection for cloud environments (R&S®Trusted Gate) are not affected by the Log4j vulnerability because this function is not used.
R&S®Web Application Firewall and R&S®Cloud Protector use components that use the vulnerable Log4j versions. Fixes are provided as quickly as possible and all customers are informed directly.
All customers have already been informed directly about the configuration of R&S®Web Application Firewall and R&S®Cloud Protector security engines to block JNDI injections.
If you have any questions, please contact our technical support.
*1 R&S®SITLine, R&S®Trusted VPN
*2 R&S®Trusted VPN Client, R&S®Trusted Disk, R&S®Browser in the Box, R&S®Trusted Mobile