Skip to content

Apache Log4J Zero Day Vulnerability

apache log4j zero day vulnerability

Background:
CSI is actively investigating a remote code execution vulnerability (CVE-2021-44228) – deemed “Log4Shell”  that was discovered on 9th December.

Who is affected?
Systems using Apache Log4j2 version 2.14.1 and earlier are affected. Also affected are any products that bundle log4j2 by default.

What is CSI doing in response?
CSI is working with vendors to understand the scope of services and systems affected by this vulnerability and planning remediation efforts.

We are investigating and taking action for CSI services that may be potentially impacted.

We will communicate to any clients who are impacted and help customers detect, investigate and mitigate attacks.

Additional information can be found on the NCSC website below: 

https://www.ncsc.gov.uk/news/apache-log4j-vulnerability

 

Ready to talk?

Get in touch today to find out how we can help your business discover its competitive edge.