Alibaba Cloud Computing Co. Ltd. recently discovered a vulnerability in Apache Log4j2 and reported the vulnerability to the Apache Software Foundation (ASE). The vulnerability can be exploited by attackers to run arbitrary commands or code on remote machines or in remote processes. The ApsaraDB RDS technical team verified that the vulnerability has no impacts on ApsaraDB RDS.

For more information, see Alibaba Cloud Statement on the Impact Assessment of Apache Log4j2 RCE Vulnerability (CVE-2021-44228).