We have received a number of questions from Clients reporting from security
news outlets of a critical vulnerability CVE-2021-44228
in the Apache Log4j
library. Millions of Java applications use this library to log error messages.
We wanted to provide information to Clients who are understandably interested
to know if Safeguard Global is affected.
Safeguard Global utilizes the Log4j library in one application related to
Unity Payroll. This application does have additional layers of abstraction and
security present that the exploit does not circumvent. In addition, Unity
Payroll has recently undergone regular penetration testing, and we are
confident that the threat posed by this exploit is low.
Since learning of the exploit, we have configured additional firewall
protection to block any traffic related to this vulnerability. We are planning
further remediation to update the Log4j implementation and will keep Clients
informed.
If you have any questions in the meantime, please contact your Service
Delivery Manager or email privacy@safeguardglobal.com
.
Solicite una consulta gratuita
Nuestros asesores en soluciones internacionales pueden ayudarte a evaluar los retos que se te planteen y recomendarte los pasos a seguir para cumplir tus objetivos