iGrafx Thwarts Log4j Vulnerability
Early detection and remediation of the recent Log4j vulnerability by security teams helps to protect BPM customers from loss.
A recent report from NTT Application Security found that businesses and agencies today are spending an average of about 250 days to remediate high-severity risks. At iGrafx we know how essential secure systems are to our business process management (BPM) customers. By taking a proactive approach to security, the iGrafx team was able to identify and mitigate the recent Log4j vulnerability, protecting business customers from significant losses.
Identifying the Log4j Vulnerability
On Saturday, December 11, the US Cybersecurity and Infrastructure Security Agency (CISA) released a statement regarding the dangers of the Log4j vulnerability.
“CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library,” stated CISA Director, Jen Easterly. “This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use. End users will be reliant on their vendors, and the vendor community must immediately identify, mitigate, and patch the wide array of products using this software. Vendors should also be communicating with their customers to ensure end users know that their product contains this vulnerability and should prioritize software updates.”
CVE-2021-44228 abuses Log4j's support for lookups against LDAP, a common third-party enterprise endpoint, and other JNDI-related endpoints: an attacker who controls the content of a logged message could cause the application to execute malicious code served from an LDAP server.
Any flaw that lets an attacker execute malicious code on a company's server can cause serious harm. This was a zero-day bug, and it was rated a 10 for criticality (on a scale of 1 to 10).
Recognition and Remediation
At iGrafx, we actively monitor vulnerability exploits through various means. In this case, the team was aware of it early on Friday morning, December 10. Our cross-functional global team coordinated to resolve the vulnerability over the weekend to ensure limited exposure. Working in round-the-clock shifts, the organization committed to making sure that customer data was safe.
We can now confirm that:
- Within 12 hours, we had fixed and deployed the new release to our cloud customers who approved updates of this type
- Within 48 hours, we had fixed and deployed the release to our datacenter customers
- All customers were contacted and informed of the vulnerability, as well as the steps iGrafx took to remediate it
We continue to analyze the logs of our cloud services to identify any attempts to leverage the exploit. We have not found any attempts to date. For more information about iGrafx BPM solutions, security, or the Log4j vulnerability, please contact us.