LOG4J vulnerability threat
Incident Report for SGS DIGICOMPLY LIVE STATUS
Postmortem

There were only 3 services using affected library (Log4j). cl-labelwise-controller which using dependency that includes also affected library but is not used primary for logging cl-worker which is using library but is protected from the vulnerability since external users cannot interact with the service. elasticsearch which on latest versions which we have installed should not be affected as per official announcement

Posted Dec 16, 2021 - 14:18 UTC
Resolved
A Security Vulnerability Alert was issued in the evening of Friday, Dec.10, for a library called “Log4Shell,” published by Apache, used to keep a record of activity within many applications in companies around the world.
Companies, government agencies and the IT service providers are all working to respond to the vulnerability issue
Posted Dec 15, 2021 - 04:00 UTC
Current Status Powered by Atlassian Statuspage