CVE-2021-44228 - Apache Log4j Tool
Incident Report for Bold Commerce
Resolved
We have continued to monitor the situation and have not uncovered any of our systems with the CVE-2021-44228 vulnerability.
We will continue to monitor for any upcoming vulnerabilities as per our normal practice.
Posted Jan 06, 2022 - 12:47 CST
Update
Update: As we have been monitoring the unfolding situation with CVE-2021-44228 across the internet we can confirm that Bold has completed a thorough investigation internally and also with our sub-processors for this vulnerability and put in place any remediation as needed. Our core services have never used this technology but we will continue to closely monitor the situation as we near the end of the week.
Posted Dec 15, 2021 - 17:49 CST
Investigating
We have been investigating the impact of CVE-2021-44228 on Bold and our applications. The investigation has shown that we have no concerns at this time but as the situation unfolds across the internet with Bold and its partners our Security team are continuing to actively monitor over the weekend and will post an update as needed.
Posted Dec 11, 2021 - 11:29 CST