Boeing and the Log4J Vulnerability
Created Date:
Dec 2021
Article ID:
000010531
Version:
4
Environment:
N/A
Document Type(s):
--
Related Products: --
Boeing is taking the risks associated with Log4j seriously. Our teams are working to identify vulnerable applications and detect potential attacks, and we are taking every action possible to mitigate risk to our systems.
We have directed suppliers to review their environments and the software services they provide, and address Log4j-related vulnerabilities in accordance with the latest guidance from CISA.
Boeing will continue to work with information sharing organizations, government partners, and suppliers to collect additional information about Log4j and any potential impact to Boeing.
We are continuing to identify, address, and mitigate flaws in our deployed systems, understanding that technical details about the Log4j flaw and the patches needed to remediate it are continuing to evolve. At this time, we have seen no evidence of intrusion or unauthorized activity.
We have directed suppliers to review their environments and the software services they provide, and address Log4j-related vulnerabilities in accordance with the latest guidance from CISA.
Boeing will continue to work with information sharing organizations, government partners, and suppliers to collect additional information about Log4j and any potential impact to Boeing.
We are continuing to identify, address, and mitigate flaws in our deployed systems, understanding that technical details about the Log4j flaw and the patches needed to remediate it are continuing to evolve. At this time, we have seen no evidence of intrusion or unauthorized activity.