All Collections
Security Updates
Apache Log4j Vulnerability
Apache Log4j Vulnerability

Status Report for Cloud Customers

Meirav Matto avatar
Written by Meirav Matto
Updated over a week ago

Date: December 15, 2021

Labguru is following the vulnerability management process in monitoring and patching Labguru services to address the security issue referenced in CVE-2021-44228. For more details specific to individual services, see below.

Service

Status

Labguru Application

Labguru is reported to NOT be affected by CVE-2021-44228. No further action is necessary at this time.

AWS OpenSearch (formerly AWS ElasticSearch)

AWS OpenSearch is reported to be affected by CVE-2021-44228. The service has been updated with AWS patch R20211203-P2 to remediate the vulnerability identified in CVE-2021-44228. No further action is necessary at this time.

ChemAxon Web Services for Labguru

The ChemAxon services used by Labguru are reported to NOT be affected by CVE-2021-44228. No further action is necessary at this time.

We are actively working with our third-party vendors to ensure that they have mitigations in place and if necessary updating their software or services to remediate this issue. As this issue continues to evolve, we will continue to implement additional remediation actions as appropriate.

As part of our continuous detection and monitoring systems, we have implemented detection and monitoring to alert for any potential exploitation attempts. If Labguru becomes aware of unauthorized access to Customer Data, we will notify impacted customers without undue delay.

Did this answer your question?