We have received a number of questions from Clients reporting from security
news outlets of a critical vulnerability CVE-2021-44228
in the Apache Log4j
library. Millions of Java applications use this library to log error messages.
We wanted to provide information to Clients who are understandably interested
to know if Safeguard Global is affected.
Safeguard Global utilizes the Log4j library in one application related to
Unity Payroll. This application does have additional layers of abstraction and
security present that the exploit does not circumvent. In addition, Unity
Payroll has recently undergone regular penetration testing, and we are
confident that the threat posed by this exploit is low.
Since learning of the exploit, we have configured additional firewall
protection to block any traffic related to this vulnerability. We are planning
further remediation to update the Log4j implementation and will keep Clients
informed.
If you have any questions in the meantime, please contact your Service
Delivery Manager or email privacy@safeguardglobal.com
.
安排免费咨询
我们的全球解决方案顾问可以评估您所面临的挑战,并向您推荐有利于您达成目标的后续步骤
联系我们