Innovo experienced a notice incident on December 10, 2021 affecting Customer Portal, lasting —. The incident has been resolved; the full update timeline is below.
Affected components
Customer Portal
Update timeline
- resolved Dec 13, 2021, 03:13 PM UTC
As you may be aware, a critical vulnerability (CVE-2021-44228) was recently discovered in Log4j, a java library that is used by millions of software applications including Innovo. This vulnerability affects versions 2.0 to 2.14.1. We are currently using version 1 which is not affected. No updates to our service are needed at this time. Please see https://nvd.nist.gov/vuln/detail/CVE-2021-44228 for more information. If you have any questions, please reach out to us at [email protected].