Walley response to the Log4j CVE-2021-44228 and related vulnerabilities

Resolved
Resolved

On Thursday 2021-12-09 a vulnerability in the Apache Log4j library was detected and potentially affecting systems running the library. Walley do not use Java as a core part of our stack, however we do have dependencies to systems that do.

Walley immediately acted together with our suppliers to remediate the vulnerability. We have not identified any signs that the vulnerability has been exploited in our core services and will continue to follow the situation closely and monitor our systems for suspicious activity.

Walley is currently not at risk of breach via this vulnerability.

We strongly recommend all partners to perform analysis of their own systems for vulnerabilities.

See more information about this 0-day exploit here. https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://logging.apache.org/log4j/2.x/security.html

Avatar for
Began at:

Affected components
  • Walley Checkout
  • Payments API
  • App / MyWalley
  • In-Store
  • Widgets
  • Partner Portal
  • Merchant Hub