ImageSilo - Log4J Vulnerability
- Taylor Treece (Unlicensed)
Analytics
Please see the official statement below from Digitech regarding the Log4J vulnerability and their ImageSilo systems.
”Late last week, a critical security vulnerability in the open source Apache logging library (log4j) was disclosed to the public. ImageSilo Engineering immediately began a thorough review of all systems to determine the impact of this vulnerability on ImageSilo systems and customers. The vast majority of software utilized by ImageSilo does not contain or utilize Apache libraries, making the vulnerability a non-issue for those systems. In addition, the network and security architecture of ImageSilo would have prevented the exploitation of this vulnerably if it existed. For the handful of ImageSilo systems that utilize Apache software, no systems were found that present a risk of exploitation.
In addition to the review of our own systems, we are monitoring any AWS services used by ImageSilo to ensure that patches or mitigations are put in place by AWS.
While the initial review of the impact of this issue has shown a very limited exposure to this vulnerability, we continue to monitor and evaluate the situation. As always, the integrity, security and availability of our customer’s data is of utmost importance.”
Related content
Copyright © CASO Document Management
All product names, logos, brands, and trademarks featured or referred to on this page are the property of their respective trademark holders. These trademark holders are not affiliated with, nor do they sponsor or endorse this website or the products/services offered unless explicitly stated otherwise.