News & Blog

Log4J Vulnerability Statement- Waterford Technologies

15th December 2021 Details Waterford Technologies has received information that a vulnerability in Apache-Log4j has been discovered. This vulnerability is registered under

15th December 2021

Details

Waterford Technologies has received information that a vulnerability in Apache-Log4j has been discovered.

This vulnerability is registered under CVE-2021-44228.

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

Description

The vulnerability impacts Apache-Log4j 2 versions 2.0 through to 2.14.1.

Risks and Exposure

In general MailMeter and Siscin have no Java-based components (JavaScript which we do use is not implicated in this vulnerability).

Our analysis has shown that Mailmeter, MailMeter Cloud and Siscin Software are not affected as we do not use or consume Apache-Log4j. As part of our ongoing vulnerability scanning and penetration testing, we scan our entire cloud infrastructure when a new vulnerability is published to the security community. We have scanned daily since Dec 10 for this particular risk.
No part of our infrastructure shows any vulnerability re CVE-2021-44288.

Summary

We understand and appreciate the trust our customer’s place in us and we take our responsibility seriously. Our security response team have been engaged from the first notification of this risk and have conducted a thorough investigation.

No part of our infrastructure shows any vulnerability re CVE-2021-44288.

If you have any queries please contact our support team. [email protected]