Log4j2 Vulnerability Mitigation Efforts
What risks exist within the Smartsheet platform regarding the Log4j2 Vulnerability and what are the Smartsheet admin and/or security teams doing to ensure we, as your customer, will not be impacted regarding connected systems like MS Teams, private information, etc?
The blanket response of the following answer is NOT acceptable or descriptive enough to ensue confidence in the security of your application. "On December 9, 2021, Apache Foundation, a provider of enterprise apps and cloud services, was the target of a critical zero-day vulnerability in their Log4j2 logging library. We continue to track this issue and will take all necessary steps to maintain our strong security posture. Additional information related to the vulnerability is available at: https://nvd.nist.gov/vuln/detail/CVE-2021-44228."
Comments
-
If you need more specific information, please have your Smartsheet Account Admin contact your Smartsheet Account Representative or Smartsheet Support and they can provide you with up-to-date information.
Thank you,
Genevieve
