15th December 2021
Details
Waterford Technologies has received information that a vulnerability in Apache-Log4j has been discovered.
This vulnerability is registered under CVE-2021-44228.
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Description
The vulnerability impacts Apache-Log4j 2 versions 2.0 through to 2.14.1.
Risks and Exposure
In general MailMeter and Siscin have no Java-based components (JavaScript which we do use is not implicated in this vulnerability).
Our analysis has shown that Mailmeter, MailMeter Cloud and Siscin Software are not affected as we do not use or consume Apache-Log4j. As part of our ongoing vulnerability scanning and penetration testing, we scan our entire cloud infrastructure when a new vulnerability is published to the security community. We have scanned daily since Dec 10 for this particular risk.
No part of our infrastructure shows any vulnerability re CVE-2021-44288.
Summary
We understand and appreciate the trust our customer’s place in us and we take our responsibility seriously. Our security response team have been engaged from the first notification of this risk and have conducted a thorough investigation.
No part of our infrastructure shows any vulnerability re CVE-2021-44288.
If you have any queries please contact our support team. [email protected]