On Thursday 2021-12-09 a vulnerability in the Apache Log4j library was detected and potentially affecting systems running the library. Walley do not use Java as a core part of our stack, however we do have dependencies to systems that do.

Walley immediately acted together with our suppliers to remediate the vulnerability. We have not identified any signs that the vulnerability has been exploited in our core services and will continue to follow the situation closely and monitor our systems for suspicious activity.

Walley is currently not at risk of breach via this vulnerability.

We strongly recommend all partners to perform analysis of their own systems for vulnerabilities.

See more information about this 0-day exploit here. https://nvd.nist.gov/vuln/detail/CVE-2021-44228
https://logging.apache.org/log4j/2.x/security.html