Forum Discussion

Aïda's avatar
Aïda
Occasional Visitor
4 years ago

Related to log4j and Bitbar

Hi, as recently has been revealed such a big vulnerability like log4j I wanted to ask if is Bitbar affected somehow. With the recent updates over version 2.15.0 not being a full solution as a second vulnerability has been detected, I wanted to know if this has any impact or already a patch fixing it over Bitbar. 
https://www.zdnet.com/article/second-log4j-vulnerability-found-apache-log4j-2-16-0-released/

  • Hi Aïda,

     

    SmartBear is aware of the recently disclosed security issue affecting the open-source Apache “Log4j2” utility (CVE-2021-44228). The Security team is actively working to mitigate our exposure and continue to provide enhanced monitoring of our platforms to safeguard information. Resources potentially affected by this vulnerability have been identified and our Information Technology and Information Security teams are working closely together to remediate any potential exposure in our platforms and environment. SmartBear is also actively communicating with our partners for due diligence in mitigation of this vulnerability related to embedded tools and services.

     

    Please check https://smartbear.com/security/cve-2021-44228/ for further updates.

  • D0UG's avatar
    D0UG
    Community Manager

    Hi Aïda,

     

    SmartBear is aware of the recently disclosed security issue affecting the open-source Apache “Log4j2” utility (CVE-2021-44228). The Security team is actively working to mitigate our exposure and continue to provide enhanced monitoring of our platforms to safeguard information. Resources potentially affected by this vulnerability have been identified and our Information Technology and Information Security teams are working closely together to remediate any potential exposure in our platforms and environment. SmartBear is also actively communicating with our partners for due diligence in mitigation of this vulnerability related to embedded tools and services.

     

    Please check https://smartbear.com/security/cve-2021-44228/ for further updates.