Get fresh insights, pro tips, and thought starters–only the best of posts for you.
Dec 21, 2021
3 min read
A recent zero-day vulnerability impacting the Apache Log4j library was made public on December 9, 2021, and assigned the tag, CVE-2021-44228, scoring 10 of 10 on the Common Vulnerability Scoring System (CVSS).
The team at Hexnode is aware of this exploit. Nonetheless, we would like to assure our customers that none of our products, services, websites, and internal or third-party infrastructure uses the Apache Log4j module for logging purposes, and hence, are not affected by this vulnerability.
We will continue to track updates around this vulnerability and will offer more information as they become available.
Following the Log4j exploit, Hexnode conducted a comprehensive security impact assessment to identify any potential vulnerabilities that may have arisen. The following are the results from the assessment.
In the wake of this vulnerability, we understand that many of our customers and partners are concerned about Log4j’s potential threats to data security. You can rest assured, Hexnode is unaffected, and we do not anticipate any downtime.
As part of our standard operating procedure, we will continue to monitor the situation including third party services we use. If you have additional questions, you can always reach out to email@example.com.