A vulnerability in Apache’s Log4j logging framework was disclosed on Friday (10 December 2021) and has come to be known as Log4Shell/Log4J Vulnerability or CVE-2021-44228 by the Cybersecurity & Infrastructure Security Agency.
Ticketure does not directly use the technology/programming language that is impacted by this vulnerability.
Ticketure does leverage other technology partners in the delivery of the Ticketure solution such as Amazon's AWS Hosting Services and Elastic Search, both have issued statements around their handling of the vulnerability below:
* Ticketure leverages Elastic Cloud 7.14.1 which is not susceptible to the vulnerability
We encourage customers who are leveraging other systems/integrations to confirm those systems are also taking proper steps in resolution to this vulnerability. Some common Ticketure integrations to 3rd party tools include those below (links are provided/accurate as of the writing of this article).
- Mailchimp (no statement available)