Response to LOG4J vulnerability
WHOIS API, Inc. is a highly distributed, globally deployed platform, and ensuring the security of all our users is a top priority for us. Our engineering and security teams have been urgently assessing any potential impact on our system following the recent Log4J/Log4Shell vulnerability announcement (CVE-2021-44228).
An initial analysis has shown that appropriate mitigations are in place to protect our customer data and system integrity and that our system's security has not been breached. Due to the distributed nature and complexity of our platform, we are continuing our analysis to formally confirm that all possible attack vectors relating to this vulnerability have been identified and that required mitigations have been implemented.
The next update will be posted when we have completed the final analysis. For more information, please contact us at [email protected].
- Jonathan Zhang, WhoisXML API CEO
Reference:
- NIST Vulnerability Database: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
- CISA: https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance