Overview
On December 9, 2021, a previously unknown zero-day vulnerability in the Apache Log4j Java-based logging library was reported. While we have not seen any exploitations of this vulnerability, we did reach out to all customers over the weekend to make everyone aware that our development teams have been and will continue to monitor and remediate applications if needed.
Our teams worked through the weekend and scrubbed through all our codebases. We have at this point taken the required actions to remediate any references we have identified to this package. Again no exploitations have been seen to date so these were simply remediations.
Additionally, a new technote has been created for TeamForge OnPrem customers with simple steps to remediate.
Please see our product-specific responses below. We will update these articles to provide additional levels of detail. As always, please reach out to support@digital.ai with any additional questions.
Product-Specific Responses
- Log4J Vulnerability to Zero-Day Exploit and Digital.ai Agility
- Log4J2 Vulnerability to Zero-Day Exploit and Continuum
- Log4J Vulnerability to Zero-Day Exploit and Digital.ai Continuous Testing
- Log4J Vulnerability to Zero-Day Exploit and Digital.ai Intelligence
- Log4j Vulnerability to Zero-Day Exploit and Digital.ai Release and Deploy
- Log4j Vulnerability to Zero-Day Exploit and Digital.ai Application Management
- Log4j Vulnerability to Zero-Day Exploit and Digital.ai Application Protection and App Aware
Comments
Please sign in to leave a comment.