Apache Log4j2 vulnerability (CVE-2021-44228)

ISSUE: At E2open, the protection of our customers’ data and the integrity of our systems is of paramount importance. We are aware of the recently disclosed Apache Log4j2 vulnerability (CVE-2021-44228).

IMPACT: We are actively monitoring this issue and continue to work diligently to patch all E2open services and customer premise applications that use the vulnerable component Log4j2.

For more information, please review CVE-2021-44228 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) and the Apache Log4j2 (https://logging.apache.org/log4j/2.x/index.html) post. We appreciate your patience and confidence in us as we continue to provide our service to your business.

E2open IDS and WAF layers are now providing additional layers of protection specifically against the Log4j vulnerability.

LAST UPDATED: 16 Jan 2022 – 9:00 AM ET

NEXT UPDATE: Updates will be posted as needed.

Product Log4J Status
Channel Shaping
Demand Sensing
Business Planning
Global Trade Management
Collaborative Manufacturing
Supply Management
Transportation and Logistics
↳ Rates and Schedules Management
↳ Container Management
↳ Shipment Bookings and Instructions
Transportation Forecasting
In-Transit Visibility
Predictive ETA
Global Logistics Orchestration
TM-Cloud Logistics
↳ KT
↳ MobileSTAR
↳ Parcel
↳ Transportation Management for Forwarders
↳ Transportation Management for LSPs

= Log4J issue remediation for the product have finished

UNDER REVIEW = Confirming whether fix is needed.