コメント

3件のコメント

  • 正式なコメント
    France

    Hi Everyone, 

    Welcome to the Box Community and thanks for posting!

    Please find Box's official statement regarding this issue on this blog post: https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228

    Many thanks for your patience and please let us know how else we can help.

    コメントアクション パーマリンク
  • Ian Roberts

    Vince, I totally agree... Would be nice to know if Box can attest that they have implemented the "Apache released Log4j version 2.15.0 security update to address this vulnerability." https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance  

    0
    コメントアクション パーマリンク
  • John Schulte

    I opened a Chat Session with Box Support, they say:

    We have completed our investigation around the impact of log4j on Box and have found no evidence that any log4j instance was successfully exploited.

    Our teams have worked throughout the weekend to review our systems and have made appropriate patches where needed. We have found no evidence that customer data or content has been impacted and will will provide more details soon.

     

     

     

    0
    コメントアクション パーマリンク

サインインしてコメントを残してください。