Log4Shell - No direct impact on EverIT customers

On Dec. 9, 2021, a zero-day exploit (since dubbed ?Log4Shell?) was observed in the wild targeting a critical RCE vulnerability in Log4j. CVE-2021-44228 affects versions of Log4j 2.0-beta9 up to 2.14.1. The issue has been fixed in Log4j 2.15.0 and above.

Marketplace apps

Cloud Apps

Timetracker for Jira Cloud is not affected by this vulnerability. Our cloud product uses a different logging library.

Server Apps

Our Server and Data Center apps (Timetracker, Epic Roadmap, Issue Score, License Monitoring, License Optimizer, Thread Profiler) are not directly affected by this vulnerability. Our Server and Data Center products either use the logging libraries provided by the host application or provide a different logging library.

 

Everit websites

Our company homepage is not affected.

Our other webpages (Support Portal, App Documentation) that use Atlassian cloud products are not affected, since Atlassian already treated and prevented this vulnerability in their cloud services.

 

Atlassian guidelines

We advise you to follow Atlassian?s recommendations described in their FAQ, especially if you have customized your own logging tools for server/data center Atlassian products.

Lépj kapcsolatba velünk

If you have any questions, don’t hesitate to contact us.

Safe from Log4Shell Vulnerability