Apache Log4j 2 vulnerability

Background  

Apache Log4j 2 is a tool that is commonly used for logging requests. As of December 9, 2021, a security vulnerability CVE-2021-44228 was reported for using this utility that could allow attacker to execute arbitrary code - which could allow the attacker to modify computer files or gain access to sensitive data on your computer.  

What does it mean for Speeki clients and users  

Speeki has a component that utilizes the mentioned utility; however, it cannot be accessed from outside the network. Speeki uses this component for internal tool communications. Therefore, Speeki is not vulnerable to attack via the Apache Log4j 2 vulnerability.  

Action from Speeki Team  

  • Clients and users do not need to take any action.
  • Speeki's cybersecurity team is eliminated these vulnerabilities by end of Dec 2021.
  • No data thief or lost was reported regarding this matter.