» Published on Fri, 10 Dec 2021 00:00:00 +0000

• Resolved

  On Friday 10th December, Kallidus was made aware of the recently disclosed vulnerability in apache Log4j (CVE-2021-44228).

  We have reviewed Kallidus-Suite applications that we provide as a service to customers, and determined that our applications and platform services do not utilise the affected Log4j component and thus are not impacted by CVE-2021-44228.

  We are carrying out further investigations across the business as part of supply chain monitoring to determine if any ancillary third party software or service suppliers to us are affected by this vulnerability.

  » Updated Fri, 10 Dec 2021 00:00:00 +0000