The impact of the Apache Log4j2 vulnerability on Salesforce products

Brightfox Data, Salesforce

The vulnerability in Apache Log4J, which was discovered at the end of last year, will continue to pose a major security risk to businesses. As an ISO/IEC 27001 certified partner, we want to keep you informed about the current status of the vulnerability and its possible impact on Salesforce services and on your business.

What is the Log4J vulnerability?

Log4j is an open-source library that IT developers use to keep digital logs. For example, the software records whether errors occur in an application. A lot of applications and cloud services, including Salesforce, use this Java library. The vulnerability allows an attacker to execute code on a server or computer.

How is this threat being addressed by Salesforce?

You can rest assured that Salesforce and BRIGHTFOX are doing everything possible to protect customers from these security risks. Salesforces services have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.

Salesforce will continue to monitor and implement additional remediative actions as needed to ensure Salesforce systems are patched and protected against the security issues identified in CVE-2021-44228 and CVE-2021-45046, as well as monitor for changes referenced in CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105, and CVE-2021-44832.

You can check the current status of the issue and consult a complete overview with details for each individual service on the Salesforce website.

Do you have any questions or concerns?

We are happy to help you.

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed

Menu