All Data Center Apache Vulnerability
Incident Report for Otava Status Page
Resolved
This incident has been resolved.
Posted Jul 05, 2022 - 11:14 EDT
Monitoring
A fix has been implemented and we are monitoring the results.
Posted Feb 04, 2022 - 16:16 EST
Identified
Otava is aware of the remote code execution vulnerability in Apache Log4j. This vulnerability is also known as Log4Shell and has the CVE assignment CVE-2021-44228.

Background:
Log4j is a Java-based logging audit framework. Log4j2 2.14.1 and below are susceptible to a remote code execution vulnerability that a remote attacker can leverage to take full control of a vulnerable machine.

IMPORTANT: This is a notice of a critical vulnerability and related threat; this is NOT a notice that we have been compromised as a result of this vulnerability.

Otava Security has been actively working with our third-party service partners and will apply critical patches immediately upon release. Otava has currently applied "known" security signatures for perimeter defense sensors, is actively scanning for such security vulnerabilities in all data centers, and will continue actively monitoring all data centers for any bad actors and related malicious behavior.

If Otava does not manage your infrastructure devices, we still recommend you follow vendor best practices and guidelines regarding patches for this vulnerability.

If you have questions about products or services that Otava can help provide, please reach out to your account representative for further discussion.

Status updates can be viewed at Status.Otava.com, where this incident is published. ALL customers can subscribe and receive real-time updates as we proceed.

Thank you,

Otava Operations
Posted Dec 14, 2021 - 19:01 EST
Investigating
VMware has released a notification of a critical vulnerability related to Apache. Otava is currently investigating the vulnerability and will be applying changes within the Otava network infrastructure in an attempt to mitigate any risk while Otava works with the vendor.

CVE: CVE-2021-44228
Posted Dec 12, 2021 - 16:17 EST
This incident affected: MA3 - Manchester, UK (OTAVA Managed Server Protection), VA4 - Ashburn, VA (OTAVA Managed Server Protection), NV1 - Las Vegas, NV (OTAVA Managed Server Protection), AU1 - Austin, TX (OTAVA Managed Server Protection), MM1 - Flint, MI (Mid-Michigan) (OTAVA Managed Server Protection), and IN1 - Indianapolis, IN (OTAVA Managed Server Protection).