Support #12703
[SCP ID :##6073##] : Apache Log4j
| Status: | Closed - End of life cycle | Start date: | December 21, 2021 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Zahir Abd Latif | % Done: | 100% | |
| Category: | MY RIB | Spent time: | - | |
| Target version: | - |
Description
Hi,
Kindly attend below request:-
Due to the discovery of the Apache log4j v2 (CVE-2021-44228) vulnerability, BNM's Cyber Risk Supervision Unit would like to carry out a quick industry stock take to measure the status of impacted institutions and their mitigation/remediation plans.
Please help to confirm whether the KFH application under your care below is using Apache Log4j?
· eBanking
· CMS
· IBG
· KFHMB Website
· Or any other related Penril application
Kindly confirm on this matter latest by tomorrow (22/12/2021), at 2:00PM.
History
#1
Updated by Zahir Abd Latif over 2 years ago
- Status changed from New - Begin Life Cycle to Closed - End of life cycle
- Assignee changed from Hafizudin MD to Zahir Abd Latif
- % Done changed from 0 to 100
Hafiz, Dec 21, 2021:-
Below are the list of system that used log4j: kfh_consumer kfh_bib kfh_corus IBGCore bulkpayment bibreport ibutils ESBWebService EPAYWS CreditCard_WS Fraud_Detection RPP_WS Just to remind you, the below list is not used anymore and should be remove from server kfh_bib_labuan kfh_corus_labuan