As a matter of critical priority, archTIS has undergone technical analysis of this vulnerability and any impacts that it may have on the archTIS suite of products.
After a full investigation, the response team have confirmed that the NC Protect, cp.Protect and cp.Discover products are unaffected by this vulnerability.
Kojensi does utilise the library in a number of its components. However, access to these components is controlled and blocked by firewall, accredited at the PROTECTED level. We have conducted investigations and found no evidence of any exploitation of the Log4J vulnerability. As a result, we have assessed the vulnerability as ‘Very Low’.
Kojensi is also hosted on an Australian PROTECTED cloud service with 24 hour monitoring of the platform. We will continue to deploy patches from software vendors as they become available as a matter of urgency to remove the Log4j vulnerability from Kojensi.
If you should have any further questions, please get in touch.
archTIS Product Management & Development