Apigee incident

Log4j Vulnerability - CVE-2021-44228

Notice Resolved View vendor source →

Apigee experienced a notice incident on December 10, 2021 affecting API Services and Edge Private Cloud - API Platform, lasting 5h 5m. The incident has been resolved; the full update timeline is below.

Started
Dec 10, 2021, 04:49 PM UTC
Resolved
Dec 10, 2021, 09:55 PM UTC
Duration
5h 5m
Detected by Pingoru
Dec 10, 2021, 04:49 PM UTC

Affected components

API ServicesEdge Private Cloud - API Platform

Update timeline

  1. investigating Dec 10, 2021, 04:49 PM UTC

    Apigee acknowledges the reports received regarding the potential vulnerability of log4j - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 . We are actively investigating the impact, and at this stage we have yet to determine the scope of impact within Apigee’s core infrastructure. This space will be updated with findings.

  2. resolved Dec 10, 2021, 09:55 PM UTC

    Apigee has conducted a detailed investigation and we believe that the Edge and OPDK products are not vulnerable to this exploit.