AdmiralCloud uses mainly AWS for its infrastructure. Below you can find a list of services used and how Log4j2 issues is handled by AdmiralCloud and/or AWS.
Only VPC, Load Balancing, S3 and Cloudfront are publicly available. No AdmiralCloud servers or service run on Java, no Apache web servers are in use.
| AWS_Service | Updated/Fixed | Summary |
|---|---|---|
| Athena | 2021-12-17 | Amazon Athena has been updated to mitigate the issues identified in CVE-2021-44228. All versions of the Amazon Athena JDBC driver vended to customers were not affected by this issue. |
| Certificate Manager | 2021-12-17 | AWS Certificate Manager services have been updated to mitigate the issues identified in CVE-2021-44228. |
| Cloudfront | 2021-12-12 | Amazon CloudFront services have been updated to mitigate the issues identified in CVE-2021-44228. The CloudFront request handling services that run in our POPs are not written in Java and therefore were not affected by this issue. |
| Cloudwatch | 2021-12-15 | Amazon CloudWatch services have been updated to mitigate the issues identified in CVE-2021-44228. |
| EC2 | 2021-12-11 | We are not using Java applications. All instances are up-to-date in regard to the OS. |
| KMS | 2021-12-15 | AWS KMS has been updated to mitigate the issues identified in CVE-2021-44228. |
| Lambda | AWS Lambda does not include Log4j2 in its managed runtimes or base container images. These are therefore not affected by the issue described in CVE-2021-44228 and CVE-2021-45046. We are not using Java applications there. | |
| Load Balancing | 2021-12-16 | Elastic Load Balancing services have been updated to mitigate the issues identified in CVE-2021-44228. All Elastic Load Balancers, as well as Classic, Application, Network and Gateway, are not written in Java and therefore were not affected by this issue. |
| Opensearch | 2021-12-16 | Amazon OpenSearch Service has released a critical service software update, R20211203-P2, that contains an updated version of Log4j2 in all regions. We strongly recommend that customers update their OpenSearch clusters to this release as soon as possible. ES MC Cluster update has been completed 16.12.2021, 05:53:37. ES Stat Cluster update has been completed 16.12.2021, 02:47:25. |
| RDS | 2021-12-17 | Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified in CVE-2021-44228. |
| Route53 | 2021-12-16 | Route 53 has been updated to mitigate the issues identified in CVE-2021-44228. |
| Secrets | 2021-12-15 | AWS Secrets Manager has been updated to mitigate the issues identified in CVE-2021-44228. |
| SQS | 2021-12-15 | Amazon Simple Queue Service (SQS) completed patching for the Apache Log4j2 issue (CVE-2021-44228) for SQS’s data ingress and egress on December 13, 2021. We have also completed patching all other SQS systems that used Log4j2. |
| S3 | 2021-12-11 | Amazon S3 completed patching for the Apache Log4j2 issue (CVE-2021-44228) for S3’s data ingress and egress on December 11, 2021. We have also completed patching all other S3 systems that used Log4j2. |
| VPC | 2021-12-17 | Amazon VPC, including Internet Gateway and Virtual Gateway services, have been updated to mitigate the Log4j issue referenced in CVE-2021-44228. |