Apache Log4j 2 vulnerability (CVE-2021-44228)
We have been made aware of a remote code execution vulnerability in Apache Log4j 2.
Please be assured that the License Dashboard product suite, and public facing services provided by License Dashboard, are not vulnerable to this exploit, and we are following National Cyber Security Centre (NCSC) guidance. Initially there were a small number of internal infrastructure components which were affected by this vulnerability and have since been remediated or turned off until a patch is available.
This is an ongoing event and we are continuing to track the developments.
Please contact us for more information.