earth
    earth

      Veertly's response to Log4j exploit

      1 min read

      An exploit in the Apache Log4j component used in many systems worldwide has been reported end of last week.

      We have reviewed all our systems and patched the impacted ones, so there is no action needed from the side of our users and customers can continue using Veertly without any worries.

      What is this vulnerability?

      Apache Log4j is a Java-based logging framework used by developers in many of their systems to capture and log key metadata. The Log4Shell vulnerability, also called CVE-2021-44228, is a pretty painful vulnerability affecting Log4j that allowed hackers and bad actors to remotely execute arbitrary code from another computer.

      What is the status of our systems?

      • Google Firebase: there are no reports by Google that their Firebase systems are affected by this vulnerability.
      • 8x8 video-call system: only the dial-in server component was determined vulnerable by 8x8 and was patched on December 10.
      • Elastic Search: our Elastic Search instance has been patched on December 14 and no attack tentatives have been identified.
      • Metabase: our internal Metabase instance has been updated to the latest release on December 15 and no suspected activity has been identified.

       

      We haven't identified any unusual activity in any of our systems and we are constantly monitoring them to make sure all your data is safe. If you need any further clarification, do not hesitate to contact us.

       

      Want to know more?

      Schedule a demo with our amazing customer service team.