A vulnerability, called Log4Shell, was found in Log4j 2. Log4j is an open-source Apache logging library. This library is used by many popular applications, services, and Java components. The vulnerability is indexed as CVE-2021-44228 and assessed as a critical vulnerability. The flaw enables an attacker to execute arbitrary code on the affected system. Even though the vulnerability is severe, our products and services are not impacted.
Should I be worried?
|
Our security team has just wrapped up a thorough analysis of our own systems. We have not identified any services, products, or applications that are at risk. However, we will continue to monitor the vulnerability as details are unfolding. cPanel also had this issue fixed if you had Solr plugin installed (auto-update would have fixed that issue a couple of days ago and DirectAdmin does not use log4j so if you have any managed server with us or have auto-update on cPanel (by default) issue does not apply to you.
|
What can I do?
|
||||||||||||||
Even though UnderHost applications are not affected, there is a possibility that your services are impacted. This is due to the unmanaged nature of our servers, and the fact that you have full control over your server.
|
||||||||||||||
We have detailed steps to identify the vulnerability with links to tools you can use to protect yourself.
|
||||||||||||||
|
Should you have any pressing questions regarding this subject, please let us know?
Simply open a request at our cP support desk via CustomersPanel.com