Log4J Security Vulnerability Analysis

Summary: Peachtree Data is not affected by this vulnerability.

NIST NVD published 12/10/2021:
A dangerous zero-day vulnerability was recently discovered in the popular Java logging library Apache Log4j. The vulnerability, CVE-2021-44228, is actively being exploited. This vulnerability affects Apache web servers and also many other popular business applications that will need a patch from the vendor.

As of 12/13/2021:
Peachtree Data has actively researched all of the applications on our internet facing devices to verify their potential vulnerability. The single instance of a vulnerable application was mitigated according to the manufacturer's knowledge base procedure. This specific server did not handle any customer data.

Third-party vendors
Peachtree Data has also been in communication with our third-party vendors to verify they are taking similar actions. All vendors have responded and have patched any affected systems or confirmed that they were not affected by the Log4j vulnerability.

If you would like more detailed information on the vulnerability, you can visit the following link:
https://nvd.nist.gov/vuln/detail/CVE-2021-44228

If you have additional questions, please reach out to us.