A new exploit was discovered in the Java logging framework Log4J 2.x on Friday, December the 10th (CVE-2021-44228).
We would like to re-assure our clients that this exploit does not affect our servers nor applications. We do not run nor use any third party tools or libraries using Log4J Version 2.x.
Even though our servers don’t run the affected versions of Log4J, a rule on our WAF was added to further prevent the execution of that vulnerability.
If you have any further questions or concerns feel free to reach out to us.