This statement provides details about Adaptiv Networks products and services related to the Log4J vulnerability and our response.
Adaptiv Networks is aware of the ongoing Apache Log4J security vulnerability published in December 2021 and has taken all the recommended steps to verify and mitigate the risk in our products and our network.
Adaptiv Networks does not use Apache Log4j software in our products or our network.
We have also verified our supply chain vendors, and all are not vulnerable, or have mitigated the risk of this vulnerability.
As with any network vulnerability, our operations team will continue to monitor and manage the situation and take all necessary steps to mitigate security risks.
Details on Log4J
- A critical vulnerability in Apache Log4j identified as CVE-2021-44228 was publicly disclosed on December 10, 2021, along with a second vulnerability identified as CVE-2021-45046.
- The vulnerability can be exploited by a malicious actor to gain network access and take control of a target system and/or perform a denial-of-service attack.
Recommendations
- Our statements above relate to our products and services, and we encourage our partners and customers to actively verify their own networks and supply chain vendors.
- Follow the developments in your usual security channels and the official Apache page: https://logging.apache.org/log4j/2.x/
If you have any additional questions please email the Adaptiv Networks Support Team at support@adaptiv-networks.com