Knowledge base for CVE-2021-44228

General Information

This page contains information and frequently asked questions and answers related to the recently published remote code execution (RCE) vulnerability affecting Log4j: https://www.lunasec.io/docs/blog/log4j-zero-day

CVE IDs	CVE-2021-44228 CVE-2021-45046

Are my ServiceRocket Cloud apps affected?

Product	Impact
Composition Tabs for Confluence	NOT AFFECTED
Connector for Salesforce & Confluence Cloud	NOT AFFECTED
Connector for Salesforce and Jira	NOT AFFECTED
Connector for Workplace and Jira (Beta)	NOT AFFECTED
Contact Views for Salesforce & JSM	NOT AFFECTED
Linking for Confluence	NOT AFFECTED
Publisher for Confluence Cloud to Salesforce	NOT AFFECTED
Reporting for Confluence	NOT AFFECTED
Scaffolding Forms & Templates	NOT AFFECTED
Security and Encryption for Confluence	NOT AFFECTED
Support Dashboards and Reports for JSM	NOT AFFECTED
Surveys for JSM	NOT AFFECTED
Visibility for Confluence	NOT AFFECTED
Birdview for Confluence	NOT AFFECTED
Google Data Studio for Jira	NOT AFFECTED
Attendance Taker for Classroom	NOT AFFECTED
Moderate for Workplace	NOT AFFECTED
Ourly/Emailless for Workplace	PATCHED
Salesforce Lead Bot for Workplace	PATCHED

Are my ServiceRocket Server apps affected?

Product	Impact
Classic Connector for Salesforce & Jira	NOT AFFECTED
Composition Tabs for Confluence	NOT AFFECTED
Connector for Google Drive & Confluence	NOT AFFECTED
Connector for Salesforce & Confluence Server & Data Center	NOT AFFECTED
Connector for Salesforce and Jira	NOT AFFECTED
Connector for Venafi & JSM (Beta)	PATCHED
Linking for Confluence	NOT AFFECTED
Page Approval for Confluence	NOT AFFECTED
Pathways Lite for Confluence	NOT AFFECTED
Pathways Pro for Confluence	NOT AFFECTED
Redirection for Confluence	NOT AFFECTED
Reporting for Confluence	NOT AFFECTED
Scaffolding Forms & Templates	NOT AFFECTED
SCORM Learning for Confluence	NOT AFFECTED
Security and Encryption for Confluence	NOT AFFECTED
Tracking Access for Confluence	NOT AFFECTED
Visibility for Confluence	NOT AFFECTED

Are my ServiceRocket Data Center apps affected?

Product	Impact
Classic Connector for Salesforce & Jira	NOT AFFECTED
Composition Tabs for Confluence	NOT AFFECTED
Connector for Google Drive & Confluence	NOT AFFECTED
Connector for Salesforce & Confluence Server & Data Center	NOT AFFECTED
Connector for Salesforce and Jira	NOT AFFECTED
Linking for Confluence	NOT AFFECTED
Reporting for Confluence	NOT AFFECTED
Scaffolding Forms & Templates	NOT AFFECTED
Security and Encryption for Confluence	NOT AFFECTED
Visibility for Confluence	NOT AFFECTED

How can I mitigate this exploit?

Ensure all ServiceRocket apps have been updated to the latest release and review Atlassian's FAQ for CVE-2021-44228 for more information.

How can I tell if my system has been compromised?

Unfortunately, ServiceRocket cannot confirm if your instance has been compromised. All security compromises are different, and we strongly recommend involving your local security team or a specialist security forensics firm for further investigation.