A zero-day vulnerability was identified in the Apache Log4j logging software on Friday, Dec. 10 (CVE-2021-44228). A related Log4j vulnerability was identified on Tuesday, Dec. 14 (CVE-2021-45046), and a third was identified on Friday, December 17 (CVE-2021-45105). These vulnerabilities could allow malicious actors to take control of organizational networks using Log4j.
We took immediate action to secure our platform, and are pleased to state that our platform and all environments used by our clients remain completely unaffected by this vulnerability.