Log4j vulnerability sweep

Avatar for Martijn Hoogeveen
By
Likethumbsup(3)Dislikesthumbsdown(0)

The critical log4j vulnerability, the logging library of the widely used Apache web server, was worldwide in the news. As part of our services make use of Apache web servers, we therefore screened them immediately. The initial conclusion was that the vulnerability is not present in our core services. Because we didn’t enable log4j there.

Afterwards, we looked into third party frameworks that we use. There, we detected the presence of the log4j function in the Elastic Search environment. A popular open source environment for real-time indexing and search. We urgently updated this framework with a log4j patch.

We did this vulnerability sweep on top of our standard security monitoring and maintenance protocol.


Subscribe to our newsletter and stay updated.
Loading

Leave a Reply

Your email address will not be published.

Icecat xml
 November 3, 2019
 October 4, 2018
Manual

Manual for Icecat Live: Real-Time Product Data in Your App

Icecat Live is a (free) service that enables you to insert real-time produc...
 June 10, 2022
Manual for Icecat CSV Interface

Manual for Icecat CSV Interface

This document describes the manual for Icecat CSV interface (Comma-Separate...
 September 28, 2016
Manual

Manual for Open Icecat JSON Product Requests

JSON (JavaScript Object Notation) is an increasingly popular means of trans...
 September 17, 2018
icecat add ons

Icecat Add-ons including Magento, PrestaShop, Shopify, Magento, Google Shopping. NEW: Pimcore

Icecat has a huge list of integration partners, that make it easy for clien...
 August 1, 2020
Manual

Manual for Personalized Interface File and Catalog from Icecat

With Icecat, you can generate personalized or customized CSV or Excel files...
 May 3, 2022
New Standard video thumbnail

Autheos video acquisition completed

July 21, Icecat and Autheos jointly a...
 September 7, 2021