Tickit Systems Response to Log4J (CVE-2021-44228) Vulnerability

There has been considerable attention on a vulnerability (CVE-2021-44228) first reported on Friday, 10 December 2021, regarding specific versions of the Apache Log4J logging service. Tickit Systems takes all threats to our systems, our clients and their data very seriously.

Once Tickit Systems was made aware of the Log4j vulnerability, we immediately commenced an audit of all Tickit Systems’ products, hosted environments and third-party systems.

We can advise;

  1. No Tickit Systems supplied product or service uses the Log4J Logging service,
  2. No Tickit Systems managed hosting environments use the Log4J Logging service,
  3. Tickit Systems has received confirmation from our suppliers that they are not affected by this vulnerability.

Therefore, Tickit Systems can confirm that our applications, hosted environments and third-party systems are not affected by the Log4J (CVE-2021-44228) vulnerability.

If you believe you may be impacted by this issue, Tickit Systems recommends following the guidance of the Australian Cyber Security Centre.