After the discovery of CVE-2021-44228 , popularly known as the Log4shell vulnerability, you should definitely worry whether any Java application you run - or depend on, like for example any cloud service you subscribe to - might be affected.

Luckily, QueueMetrics, WombatDialer, our SaaS platform QueueMetrics Live and our Microsoft Teams integration are not affected, as they do not use log4j and do not depend on third-party libraries using it.

Log4shell is a high-risk vulnerability in the very popular log4j logging framework that may cause arbitrary remote code execution when logging a specially-crafted payload - and this is relatively easy for an attacker to do as it is pretty common to log any unknown payload that hits a web application or triggers an error.

It seems to be actively exploited at least since December 1st, according to the CloudFlare CEO.

keyboard_arrow_left Back