Gratavid Statement on the Recent Log4j 2 Vulnerability
December 15, 2021 · 2 min read
The Apache Log4j 2 utility is an open-source Apache framework that is commonly used for logging requests. On December 9, 2021, a vulnerability was reported that could allow a system running Apache Log4j version 2.15 or below to be compromised and allow an attacker to execute arbitrary code on the vulnerable server. On December 10th, 2021, NIST published a critical CVE in the National Vulnerability Database identifying this as CVE-2021-44228. The official CVSS base severity score has been determined as a severity of 10.
Are Gratavid users affected?
No. Our IT team reviewed our infrastructure and application stack and did not find any affected systems or services that use the vulnerable Log4j 2 package. Our tech stack does not employ Java-based applications. We checked with upstream cloud providers and found the cloud services they provide Gratavid were not affected by the recent Log4j 2 vulnerability.
Ready to stand out with personalized video?
Check out our favorite Gratavid testimonials below, and visit Gratavid.com for examples and to learn more.