[arin-announce] ARIN’s Log4j Zero-day Bug Vulnerability Review Results

[ARIN]

ARIN is aware of the zero-day bug located in Apache Log4j software. We have completed an audit of our codebase for public-facing services and found that ARIN is not vulnerable to this exploit. Our team is actively working with our third-part vendors to identify and resolve any potential issues with their tools and services, and we will be monitoring this situation closely going forward.

 

For additional information on the log4j vulnerability, please visit NIST’s National Vulnerability Database, located at https://nvd.nist.gov/vuln/detail/CVE-2021-44228.

 

Regards,

 

Mark Kosters

Chief Technology Officer

American Registry for Internet Numbers (ARIN)

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-announce/attachments/20211215/49fc727c/attachment.htm>