Kamma’s Response to CVE-2021-44228 (Apache Log4j 2 Vulnerability)


Last week a security vulnerability in the Apache Log4j 2 library was publicised. The vulnerability has been given the formal title of CVE-2021-44228, but is also being reported using the terms Log4Shell and LogJam.

This vulnerability can, under specific circumstances, allow a malicious third party to execute code on a remote server which is running an unpatched version of Log4j, potentially allowing the exploit to gain remote control of the server.

For a system to be vulnerable it requires four pieces of software infrastructure to be in place and actively used:

  1. The system has to be coded in Java
  2. The system is not using the Java Security Manager
  3. The Java based software system is exposed to and accepts input from the public internet
  4. The Java based software system uses Apache Log4j 2 to undertake logging

None of Kamma’s platform or services, in our production, integration, staging or development environments, are coded in Java and thus we would like to reassure all our customers that as a company, Kamma is unaffected by this vulnerability.

However if you would like to discuss this in greater detail or require any further information, please contact us at support@kammadata.com.

Share this article

Read more recent articles

Builder wearing a blue boiler suit installs pink wall insulation in a home

How to convince homeowners to retrofit: a retrofit messaging toolkit for mortgage lenders

What retrofit messaging can mortgage lenders convince more homeowners to increase the energy efficiency of their homes? Most mortgage lenders now fully grasp the benefits that increasing the energy efficiency…

Read more
Illustration showing a magnifying glass hovering over two rows of houses, which each have an EPC label from A to G.

Property licensing update: May 2024

At Kamma, we know how important it is to have the most up-to-date information at your fingertips. Each month, we provide a full rundown of the latest scheme announcements and…

Read more
Photo showing row of UK houses with different coloured doors

The complete guide to EPC data for mortgage lenders

EPCs are the core measure of energy efficiency for UK houses, used by mortgage lenders in several ways. Here’s everything you need to know.

Read more