Forum Discussion

SuhazHari-75c5f's avatar
SuhazHari-75c5f
Community Member
3 years ago

Log4j vulnerability

Does the Log4j vulnerability affect Articulate 360? If someone could share some information about this I would appreciate it.

  • Hello Suhaz, and welcome to E-Learning Heroes. 😊

    Thank you for reaching out regarding the Apache Log4j vulnerability.

    Your data is secure. Articulate 360 and Rise.com aren't susceptible to the code injection exploit in Apache Log4j (CVE-2021-44228), and none of our customers' PII (Personal Identifiable Information) is compromised. Check out this article for more details. Let me know if you need anything else!

    • ViktorNagy-a81f's avatar
      ViktorNagy-a81f
      Community Member

      Hi Leslie, how about Storyline 3? Is that version or its output susceptible?

       

      Best regards, Viktor Nagy

      • BeccaLevan's avatar
        BeccaLevan
        Community Member

        Hey Viktor, great follow-up question! 

        The information Leslie shared also applies to Storyline 3. We only use the Java library in an internal reporting tool, and we mitigated the issue by configuring the system properties that the Apache Log4j vulnerability targeted. We found no indication of exploits in our internal reporting tool nor any compromised data.

        Articulate Data Is Safe from the Apache Log4j Vulnerability

  • JoeFrancis's avatar
    JoeFrancis
    Community Member

    Couldn't resist. From The Cyber Security Hub on LinkedIn.

  • ChalTutan's avatar
    ChalTutan
    Community Member

    It is possible that Articulate 360 could be affected by a vulnerability in Log4j. Log4j has had several vulnerabilities over the years, some of which could potentially be exploited to compromise the security of applications that use it. However, without more information about the specific vulnerability in question and how it might be exploited, it is difficult to determine whether Articulate 360 is affected.

    It is important to note that vulnerabilities can be discovered and fixed over time, so it is always a good idea to ensure that you are using the latest version of any software that you rely on. This includes keeping your operating system, web browsers, and other applications up to date with the latest security patches. Vulners is a search engine for security intelligence. It provides a comprehensive and customizable platform for searching, tracking and analyzing vulnerabilities, exploits, patches and updates. Vulners allows users to search for security information on a variety of sources such as CVE (Common Vulnerabilities and Exposures), NVD (National Vulnerability Database), OSVDB (Open Source Vulnerability Database), CERT and more. The engine is equipped with analytics and visualization tools, including a heat-map visualizer which helps users to better understand the security posture of their system. Additionally, Vulners allows users to access the CVE alert wall that displays the most common vulnerabilities and their overall severity and risk.