Dubber Log4J Response
Over the weekend a critical vulnerability within Apache Log4J CVE-2021-44228 was discovered. Dubber has conducted an extensive review of our internal applications and we have found that we are not impacted by the vulnerability. As the full impact of the vulnerability comes to light Dubber will continue to monitor and resolve any vulnerabilities that may arise and communicate these as required.
About the Vulnerability
The vulnerability can allow an unauthenticated attacker to gain complete access to a system. Specific strings can be processed by the vulnerable Log4j component which can cause unauthorised access.
Dubber 3rd Parties
Dubber is also working with our 3rd party vendors to ensure that they uncover any vulnerabilities and resolve them as soon as possible. Most 3rd parties have deployed fixes or are in the process of doing so.
If you have any questions please contact our support team at support.dubber.net