Apache Log4j 2 vulnerability (CVE-2021-44228)

We have been made aware of a remote code execution vulnerability in Apache Log4j 2.

Please be assured that the License Dashboard product suite, and public facing services provided by License Dashboard, are not vulnerable to this exploit, and we are following National Cyber Security Centre (NCSC) guidance. Initially there were a small number of internal infrastructure components which were affected by this vulnerability and have since been remediated or turned off until a patch is available.

For more information about the event, read the latest news from Microsoft and VMware, and view the full list of products affected.

This is an ongoing event and we are continuing to track the developments.

Please contact us for more information.

Harry Webb

Harry Webb

Comments are closed.