Please apply Apache log4j security patch on Workiva
Hi Team,
Could you please advise what version of Apache log4j version has been patched on Workiva?
Thanks,
Neelima
-
Hi Neelima!
Thanks for asking. I have forwarded this question onto our Security team to get an answer for you. I'll be in touch ASAP.
0
Quick follow-up here.
At this time, the only information Workiva can provide is what's in our bulletin here: https://support.workiva.com/hc/en-us/articles/ 4412643446804 0
Hi Mike,
Would it be possible to get patched log4j version as well?
Thanks,
Neelima
0
Hi Neelima,
Sorry for the delay here. I have the following update for you.
Due to the reported vulnerability with the 2.15 version of log4j (CVE-2021-45046), Workiva has patched our usage of the library to the 2.16 version across all environments. We continue to work with our third-parties to identify and mitigate any upstream impact.
To date, there has been no impact to our platform or customer data. If that changes, we will notify affected customers without any undue delay.
0请先登录再写评论。
评论
4 条评论