Welkin Health incident

Update regarding Log4j Day Zero vulnerability

Notice Resolved View vendor source →

Welkin Health experienced a notice incident on December 11, 2021 affecting Care and Designer and 1 more component, lasting 13s. The incident has been resolved; the full update timeline is below.

Started
Dec 11, 2021, 09:19 AM UTC
Resolved
Dec 11, 2021, 09:19 AM UTC
Duration
13s
Detected by Pingoru
Dec 11, 2021, 09:19 AM UTC

Affected components

CareDesignerAdmin

Update timeline

  1. investigating Dec 11, 2021, 09:19 AM UTC

    I'm sure that many of our customers are aware, we are using Java as our backend service. on 12/10/2021, Day Zero vulnerability was discovered in Log4j library. While we do not use that library directly and are not exposed to the vulnerability, we still followed recommended steps to mitigate the issue, to exclude possibility of the exploit. You can read more about it here: https://nvd.nist.gov/vuln/detail/CVE-2021-44228

  2. resolved Dec 11, 2021, 09:19 AM UTC

    This incident has been resolved.