Worksphere is aware of the following Apache Log4j Remote Code Execution Vulnerabilities. We have conducted a detailed investigation for these CVEs:
The Worksphere core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core Worksphere functionality. Additionally, we have patched one Java-based auxiliary service as a precaution, and have verified that it was not compromised or vulnerable.
Worksphere’s layered defense includes technologies and controls to prevent these types of threats, and we will continue to monitor for any affected services and patch or remediate as required.
If you have questions, please contact Worksphere Support. For more information and technical details, please see https://www.lunasec.io/docs/blog/log4j-zero-day/
Thank you,
The Worksphere Team