Log4J Vulnerability to Zero-Day Exploit and Digital.ai Intelligence

Overview

Many of our users will have seen recent news about ongoing problems with the Zero-Day attack which exploits vulnerabilities in the Apache Log4j library - CVE-2021-44228 

We do not believe that any of our Intelligence / Numerify Analytics SaaS systems can be exploited by CVE-2021-44228. As a precaution, all active services have been re-evaluated for this vulnerability. Vulnerable sections of the service have been patched with remedial steps and services restarted.

Our engineers will continue to assess all aspects of the service for vulnerability. If applicable, Digital.ai will upgrade systems to non-vulnerable versions of software as and when updates are available.

For on-premise installations of the Numerify Data Collector, if the host environment has been modified to use affected versions of Log4j (<=2.14.1), we recommend taking remedial action as suggested by NIST CVE-2021-44228

Related Information

To view Log4J notices for other Digital.ai products, please see Log4J Vulnerability to Zero Day Exploit and Digital.ai.

 

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.