Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Cloud Retailer and the Log4j/Log4Shell Vulnerability

            Modified on Thu, 30 Dec 2021 at 10:12 AM

            Overview

            The Apache Log4j software has made headlines recently with multiple vulnerabilities, including the Log4Shell exploit.  This threat is currently being traced by NIST as CVE-2021-4428. We have had multiple inquiries as to if our products are vulnerable due to this exploit.


            None of Cloud Retailers applications (Back Office, Point of Sale, Mobile) make use of the Java programming language, nor do we utilize the Apache web server platform (including Tomcat) within our infrastructure.


            We have reviewed any other software within our environment, not connected to Cloud Retailer and found no open attack vectors.  Even still, as an abundance of caution we are putting into place mitigation strategies outlined here: Apache Log4j Vulnerability Guidance.


            References


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select atleast one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0