or is there an offical announcement of log4j aka log4shcell - cve-2021-44228?
Question
log4j affecting any of the products?
Yes
Has your product line been impacted by the Log4j Vulnerability?
Have you experienced any security incidents as a result of Log4J Vulnerability?
Have any of your third party vendors been impacted?
+6yes, there was vulnarability with log4j and not just freshworks, many other products were affected.
we had to release an update to over come the issue. but i am not sure this affected freshworks in any way.
+9- Community Manager
- 626 replies
Hello Everyone,
We understand your concern related to the log4j vulnerability. As per our security team’s update, we have implemented specific rules in the Freshworks WAF (web application firewall) configuration to protect our perimeter and to block and throttle payloads that are related to this CVE. Please be informed that this is considered a priority activity and our engineering teams are currently performing analysis to verify services if any impacted and will be working to apply the necessary fix/patch.
We have also published a public-facing Security Advisory Page for Log4j Vulnerability. This page currently has updates on action taken so far and timelines and will be updated with the progress from time to time as needed - https://www.freshworks.com/security/alerts/cve-2021-44228/
Thank you,
Ramya, Freshworks Community || Learn something new today, get recognized for your contributions, stay on top of product updates and build meaningful connections in our Freshdesk community. Fresh ideas, quality service :)
Reply
Join the Community
Already have an account? Login.
Sign in to the Community
No account yet? Create an account.
Social Login
Login with LinkedInor use your username
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.