On December 10, 2021, NIST published details of a critical vulnerability (CVE-2021-44228) in Apache Log4j.
The Conferences i/o team has reviewed the details of this vulnerability and determined that the core Conferences i/o service is not impacted (the product's technology stack has never included Apache Log4j).
The Conferences i/o team has also reviewed the potential impact of this vulnerability to vendors providing ancillary support for business operations (for example, CRM software and project management software). As of December 20, 2021, no impact to these vendors has been found.
Further updates will be posted to this knowledge base article as necessary.
If you have any additional questions, please contact customer support.