Is CCDC CSD software affected by the CVE-2021-44228 vulnerability?
In response to the CVE-2021-44228 vulnerability in the Apache Log4j library, also known as Log4Shell, we at CCDC can confirm that our software and services do not use this Apache logging component and are therefore not affected.
While CCDC software and services are not affected, there may be third-party software and services where our data or software is utilised or linked to - CCDC is not responsible for the maintenance of such systems and we would recommend customers perform a thorough review of all software and services they may use and apply any patches or fixes that third party software recommends.
We have ourselves carried out a thorough review of all of our internal systems and have applied patches and fixes where necessary. An extensive vulnerability check has determined our systems are secure and we will continue to monitor our systems to ensure they remain secure from both this and any other threats that may emerge.