The Auvik team has completed a thorough investigation of CVE-2021-44228 (https://www.cve.org/CVERecord?id=CVE-2021-44228) and how it may impact the Auvik product. The investigation concluded that the affected version of log4j was in use in some Auvik cloud components, and our team subsequently took steps to remediate and update all systems to ensure our customers are protected.
While we have now completed all remediation steps to ensure all systems are not vulnerable, our team continues to monitor the situation as new information becomes available.
There is no action required by Auvik customers and partners to remain secure. We can confirm there has been no successful attack against our infrastructure.
Thank you for your understanding as the team at Auvik, and the entire industry, has worked through the impact of this situation.