December 13, 2021
1 Minute Read
Recently, warnings have been issued by several national cybersecurity agencies that a remote code execution flaw in Log4j 2 (CVE-2021-44228), which is a Java library for logging errors in various applications, was at severe risk of being exploited.
Based on the information provided by the National Vulnerability Database, which is managed by the National Institute of Standards and Technology, U.S. Department of Commerce, our team has determined that Titan CMS is not impacted by Log4j 2. Titan CMS does not use Java and does not run on Apache, which is the primary point of vulnerability for Log4j 2. Northwoods, which develops and manages Titan CMS, does not run Apache nor Log4j 2 libraries in our Microsoft Azure hosting environments.
However, we are monitoring the situation and will follow Microsoft’s recommendations related to patching any Microsoft system running Apache.
We will provide updates as needed.
If you have any questions, please don’t hesitate to contact us.