Contact Sales
previous icon Back to blog
Dec 14, 2021
2 minutes read
Platform

CM.com Response to the Log4J Vulnerability

On 10-12-2021 CM.com became aware of the Log4J security vulnerability also known as CVE-2021-44228. We would like to share with our customers how we've acted upon the zero-day vulnerability.

CM.com
CM.com

On 10-12-2021 CM.com became aware of the Log4J security vulnerability also known as CVE-2021-44228. Any software application using this popular Java logging library is vulnerable to a so-called ‘Remote Code Execution’. Whereby attackers are able to execute malicious code on the servers of the vulnerable party.

No Misuse Was Found

As a result of this, we directly started an internal investigating to determine the impact on the CM.com services. The conclusion from our security team is that no misuse was detected resulting from the Log4J vulnerability. We will continue to monitor the situation and improve our security on a daily basis.

Systems Are Updated

We’ve performed the following research and measures:

  • Updated our Web Application Firewall rules to filter malicious requests,
  • Scanned our own software,
  • Analyzed software and third-party applications we use in our own solutions following the guidelines published by the Dutch National Cyber Security Center,
  • If necessary performed updates and changes to mitigate any risks with Log4J,
  • Started a backward scan of log files to detect any possible exploitation before the mitigations
  • Intensify our Network Monitoring specifically for these possible exploits.

Update: CVE-2021-45046

15-10-2021 09.32 CET: A new vulnerability within Log4J has been discovered and filed under CVE-2021-45046. CM.com has taken notice of the new development and will mitigate this by updating our services where applicable.

For any questions surrounding this topic feel free to reach out to our support team.

Contact Us
Was this article interesting?
Share it!
Tags
CM.com
CM.com
logo linkedin icon
connects tens of thousands of companies with millions of consumers via their mobile phone each day. Behind the scenes, from our innovative platform, CM.com makes sure companies can use these millions of messages, phone calls and payments to become part of people’s lives.

Latest Articles

unlock-communication-excellence-with-cpaas
Jun 06, 2024 • CM.com

Unlock Communication Excellence With CPaaS

Diving deeper into CM.com's CPaaS approach in empowering business users to unlock Communication Excellence - a guest article by Quadrant Knowledge Solutions, a global advisory and consulting firm focused on helping clients in achieving business transformation goals with Strategic Business and Growth advisory services.
Protect Your Customers from Fraud With RCS Sender Verification
Jun 05, 2024 • RCS

Protect Your Customers from Fraud With RCS Sender Verification

Cybercrime and spam messaging is on the rise. Criminals attempt to impersonate trusted businesses in the hopes of scamming loyal customers out of their personal details, login credentials, and even banking information. This damages the trust between customers and businesses. How can you tell which messages are legit, and which ones aren't? RCS Business offers verified sender profiles, helping customers identify official business accounts so they can engage with business communication with confidence.
engage-platform-effect-customer-service
Apr 22, 2024 • CM.com

Happy Clients, Happy Agents: the Platform Effect in Customer Service

As a member of the customer service team, you stand on the front lines of customer interaction every day. In a world where customers demand quick and personalized service, long wait times, impersonal responses, or worse, incorrect answers, can quickly drive a customer away. Your goal, however, is to connect customers with your organization and deliver the best answers and service possible. It’s incredibly satisfying to see a customer leave a conversation happier and eager to purchase your product. Your efforts can significantly enhance the customer experience, but you need the right tools to truly excel. Integrating these tools into a platform amplifies your capabilities and lets you experience the power of the platform effect.
SMS Security
Apr 18, 2024 • Security

Secure Your Business With SMS OTPs and Alerts

In the current digital era, technological and online advances are rapidly growing, creating new ways for businesses to engage their customers. Unfortunately, where there is growth, there will be criminals trying to steal some of the profits. Protecting business data, customer information, and online accounts is a priority for every modern business. SMS security can help protect your business and your customers from online fraud and cyber crime.
customer lifetime value touch points in the journey blog explain
Oct 20, 2023 • Email

What Is DMARC and How Do You Implement It?

In our digital age, email threats loom large, with phishing and spoofing becoming increasingly sophisticated. DMARC is the powerful shield that businesses and individuals need. This authentication protocol ensures email integrity, safeguarding against domain impersonation and cyberattacks. In this article, we demystify DMARC, explaining its significance in bolstering email security.
messaging-fraud-and-prevention-for-businesses
Sep 25, 2023 • Security

Combat SMS Pumping (AIT) Fraud Effectively With CM.com

In this digital era, providing the optimal customer experience means connecting and engaging with your customers online on their favorite platforms and channels. Online (automated) customer engagement and A2P (application-to-person) messaging is bigger than ever, which unfortunately also means that messaging fraud is on the rise. Artificially Inflated Traffic (AIT) fraud has become an alarming issue in the telecommunications industry, but worry not! CM.com has built the perfect safeguard feature to protect your business endeavors from AIT fraud.
messaging-fraud-and-prevention-for-businesses
Sep 06, 2023 • Instant Messaging

A2P Messaging Fraud and Prevention for Businesses

Safeguarding company data against security threats should be on the top of the priorities list for every modern company. Especially since A2P, or application-to-person messaging fraud is on the rise. Read all about the different types of A2P fraud and what steps you can take to avoid being the next victim.
how-to-protect-your-customers-against-a2p-messaging-fraud
Sep 06, 2023 • Security

How to Protect Your Customers Against A2P Messaging Fraud

Protecting your data, and the data of your customers, is top priority for most modern companies. And it should be! Now that A2P (application-to-person) messaging is bigger than ever, A2P messaging fraud is also on the rise. As a business, you can protect yourself against threats by implementing certain security measures, but you're not the only target. Criminals will also attempt to scam or deceive your customers! Let's take a look at the types of A2P messaging fraud your customers can face, and what measures can be taken against them.
The Software Debate: CPaaS vs Saas
Sep 05, 2023 • Messaging

The Software Debate: DIY, CPaaS, or SaaS?

Every business wants to communicate with its customers, whether for marketing, support, or operational purposes. But to do so, you'll need a way to get in touch with your customers- a communications platform. You can build software from scratch, integrate third-party software into your own systems, or implement new software all together. Are you still pondering the correct approach for your business? Then let's figure it below!
CM.com logo
f facebook icon f github icon image.icon.alt.f-instagram f linkedin icon f twitter icon f youtube icon

Choose Your Region

Select a region to show relevant information. This may change the language.

Our Suggestion
United States
English
Africa
next icon
South Africa
English
Asia
next icon
China
中文
Hong Kong SAR China
中文
India
English
Japan
日本語
Singapore
English
United Arab Emirates
English
United Arab Emirates
العربية
Europe
next icon
Belgium
Nederlands
Belgium
Français
Denmark
Dansk
France
Français
Germany
Deutsch
Italy
Italiano
Netherlands
Nederlands
Spain
Español
Sweden
Svenska
United Kingdom
English
North America
next icon
United States
English
Is your region not there?
language icon
Global
English
Is this region a better fit for you?
Go
close icon