Dec 16, 2021

IPFS Corporation (IPFS) is actively responding to the reported remote code execution vulnerability specific to the Apache Log4j library or the Log4Shell/LogJam vulnerability. IPFS has investigated the issue, and at this time, we have no indication that our core systems that run our SaaS applications are affected by this vulnerability.

IPFS does not use any popular java frameworks, including Apache Struts2, Apache Solr, Apache Druid, and Apache Flink. In addition, IPFS is in contact with third party vendors to monitor any applications that may be vulnerable.

IPFS continues to monitor our endpoint protection systems for any newly introduced resources, and we have configured Infrastructure and Security tools to alert us of any indication of compromise (IOCs) that are available.

IPFS will continue to follow this issue and make appropriate changes to systems as recommended by various industry leaders to ensure a secure and reliable solution.

Data protection at IPFS is a top priority. Technical and procedural controls to remediate existing technology risks and proactively address emerging threats are part of our standard methodology. For more information, contact us here.