Applies to these roles: Admin
In December 2021, the Apache Software Foundation discovered a security vulnerability (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104) in Apache Log4j, a Java library. The vulnerability allows attackers to trigger remote code execution or denial of service.
The good news is your Rise data is secure.
Rise.com isn't susceptible to the Apache Log4j exploit, and your Personal Identifiable Information (PII) isn't compromised.
We followed our vulnerability monitoring policy, investigated the Apache Log4j issue, and determined that we only use the Java library in an internal reporting tool. We mitigated the issue by updating the Log4j library to version 2.16.0. We found no indication of exploits in our internal reporting tool nor any compromised data.