IMPORTANT NOTICE - Log4J update: All CVEs Published to Date Have Been Mitigated by the ControlUp Security Team
Scheduled Maintenance Report for ControlUp Status Page
Completed
The scheduled maintenance has been completed.
Posted Dec 19, 2021 - 14:36 UTC
Scheduled
Following the discovery of the Apache Log4j vulnerability known as Log4Shell (CVE-2021-44228) on 9 December 2021, other Log4J vulnerabilities were then discovered: CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105.
● After thorough investigation, we can verify that none of the above vulnerabilities exist on our customer installed products:
▪ Real-Time DX Agent
▪ Real-Time DX RT Console
▪ Real-Time DX Monitor Service
▪ Real-Time DX On-Premises Server (COP)
▪ Insights On-Premises (IOP)
▪ Solve On-Premises (SOP)
▪ Remote DX Plug-ins
▪ Edge DX Agent
▪ Scoutbees Custom Hive
● We can confirm that all vulnerable components were mitigated in our backend cloud environment.

We are staying alert and continue to follow Log4J CVE’s updates. We will keep updating for any new vulnerabilities found.

If you have any questions, please contact us via support@controlup.com.

ControlUp Security Team
Posted Dec 19, 2021 - 14:35 UTC
This scheduled maintenance affected: ControlUp Real-Time DX Services (Login Services).