QueueMetrics and WombatDialer are safe from Log4shell
After the discovery of CVE-2021-44228 , popularly known as the Log4shell vulnerability, you should definitely worry whether any Java application you run - or depend on, like for example any cloud service you subscribe to - might be affected.
Luckily, QueueMetrics, WombatDialer, our SaaS platform QueueMetrics Live and our Microsoft Teams
integration are not affected, as they do not use log4j
and do not depend on third-party libraries
using it.
Log4shell is a high-risk vulnerability in the very popular log4j
logging framework that may
cause arbitrary remote code execution when logging a specially-crafted payload - and this is
relatively easy for an attacker to do as it is pretty common to log any unknown payload that hits a web application
or triggers an error.
It seems to be actively exploited at least since December 1st, according to the CloudFlare CEO.
keyboard_arrow_left Back