Last week a security vulnerability in the Apache Log4j 2 library was publicised. The vulnerability has been given the formal title of CVE-2021-44228, but is also being reported using the terms Log4Shell and LogJam.
This vulnerability can, under specific circumstances, allow a malicious third party to execute code on a remote server which is running an unpatched version of Log4j, potentially allowing the exploit to gain remote control of the server.
For a system to be vulnerable it requires four pieces of software infrastructure to be in place and actively used:
The system has to be coded in Java
The system is not using the Java Security Manager
The Java based software system is exposed to and accepts input from the public internet
The Java based software system uses Apache Log4j 2 to undertake logging
None of Kamma’s platform or services, in our production, integration, staging or development environments, are coded in Java and thus we would like to reassure all our customers that as a company, Kamma is unaffected by this vulnerability.
However if you would like to discuss this in greater detail or require any further information, please contact us at support@kammadata.com.
The most recent amendments to the Renters Reform Bill passed on the 25th April 2024 signal a transformative shift in the regulation of Houses in Multiple Occupation (HMOs), specifically affecting the roles and responsibilities of superior and immediate landlords in regards to property licensing. This post delves into the evolving landscape of HMO property management […]
Regular news, information and insights from Kamma. No spam. Unsubscribe at any time.
Sign me up!
Subscribing ...
Sorry, we really want to but we couldn't subscribe you due to missing or incorrect information; please update the information that's highlighted in red and try again.
Well this is awkward. Something went wrong on the internet between your browser and our newletter subscription service. Please let us know and we'll do our best to fix it for you.
Thanks for subscribing! Check your Inbox in a short while for a confirmation email to check it was really you that just subscribed. If you've already subscribed, we'll keep your subscription but you won't receive a confirmation email this time.