We have analyzed the impact of the Apache Log4j vulnerability CVE-2021-4428 in the Midaxo environments and performed the recommended mitigation steps.
When the vulnerability was reported, we immediately updated our Web Application Firewalls with the rules blocking any malicious request trying to exploit the vulnerability. In a detailed investigation, we identified one vulnerable publicly accessible component that has now been patched. In addition, all third-parties related to our product have mitigated the vulnerability.
Midaxo has extensive security monitoring in place. We have not found any evidence of attackers leveraging this vulnerability against us or our customers.
If you have any further questions, please contact support@midaxo.com.