On 10th of December 2021, Apache Log4j, an open-source software library widely used to log into several java applications was publicly marked as vulnerable. This security vulnerability can lead to remote code execution without authentication.
Bepoz approach towards Apache Log4j Vulnerability
Since Bepoz develops and offers a wide variety of software products, we utilise several technologies and programming languages. As soon as the vulnerability was made public, we prioritised based on risk but made sure to leave no stone unturned.
Our team of engineers and developers have confirmed that none of the products that we offer here at Bepoz use Apache’s Log4j logging utility. Hence, will not present a Log4Shell vulnerability.
As we have done in the past, we will continue to make every effort to ensure that the software we develop and deliver to customers is secure and robust. We take the security of our customers’ networks and data seriously. Our dedicated cyber security team will continue to be vigilant in responding to future potential threats. We have a responsible disclosure policy in place and promote transparency when it comes to sharing information to keep everyone safe online.