Please apply Apache log4j security patch on Workiva
Hi Team,
Could you please advise what version of Apache log4j version has been patched on Workiva?
Thanks,
Neelima
-
Hi Neelima!
Thanks for asking. I have forwarded this question onto our Security team to get an answer for you. I'll be in touch ASAP.
0Quick follow-up here.
At this time, the only information Workiva can provide is what's in our bulletin here: https://support.workiva.com/hc/en-us/articles/ 4412643446804 0Hi Mike,
Would it be possible to get patched log4j version as well?
Thanks,
Neelima
0Hi Neelima,
Sorry for the delay here. I have the following update for you.
Due to the reported vulnerability with the 2.15 version of log4j (CVE-2021-45046), Workiva has patched our usage of the library to the 2.16 version across all environments. We continue to work with our third-parties to identify and mitigate any upstream impact.
To date, there has been no impact to our platform or customer data. If that changes, we will notify affected customers without any undue delay.
0Accedi per aggiungere un commento.
Commenti
4 commenti