Applies to these roles: Admin

In December 2021, the Apache Software Foundation discovered a security vulnerability (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104) in Apache Log4j, a Java library. The vulnerability allows attackers to trigger remote code execution or denial of service.

The good news is your Rise data is secure.

Rise.com isn't susceptible to the Apache Log4j exploit, and your Personal Identifiable Information (PII) isn't compromised.

We followed our vulnerability monitoring policy, investigated the Apache Log4j issue, and determined that we only use the Java library in an internal reporting tool. We mitigated the issue by updating the Log4j library to version 2.16.0. We found no indication of exploits in our internal reporting tool nor any compromised data.

We take security seriously. If you have any questions, contact us at help@rise.com. Visit the Rise security page for more information about our security efforts.

Did this answer your question?