Apache Log4j2 vulnerability (CVE-2021-44228)
ISSUE: At E2open, the protection of our customers’ data and the integrity of our systems is of paramount importance. We are aware of the recently disclosed Apache Log4j2 vulnerability (CVE-2021-44228).
IMPACT: We are actively monitoring this issue and continue to work diligently to patch all E2open services and customer premise applications that use the vulnerable component Log4j2.
For more information, please review CVE-2021-44228 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) and the Apache Log4j2 (https://logging.apache.org/log4j/2.x/index.html) post. We appreciate your patience and confidence in us as we continue to provide our service to your business.
E2open IDS and WAF layers are now providing additional layers of protection specifically against the Log4j vulnerability.
LAST UPDATED: 7 Jan 2022 – 9:00 AM ET
NEXT UPDATE: Updates will be posted daily, or more frequently as needed.
= Log4J issue remediation for the product have finished
UNDER REVIEW = Confirming whether fix is needed.