Reckon products and the Log4j vulnerability
Community Manager
RECKON PRODUCTS AND THE LOG4J VULNERABILITY
On Dec 9 2021, a remote code execution (RCE) vulnerability in Apache log4j 2.x was identified being exploited in the wild.
Public proof of concept (PoC) code was released and subsequent investigation revealed that exploitation was incredibly easy to perform. This has been identified as CVE-2021-44228 in Common Vulnerabilities and Exposures listings and is also known as Log4Shell.
For further information consult the NIST Listing here: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Reckon has conducted a full investigation throughout its source code and can confirm that no Reckon product was, or is, vulnerable to CVE-2021-44228.
Additionally, Reckon is assessing all suppliers that are significant sub-processors of Reckon Customer data, and is pleased to report that the vast majority are not impacted by CVE-2021-44228 and where they are, mitigation actions are taking place. You can view our list of sub-processors here
Reckon will continue to monitor for any future developments in regards to this vulnerability and take further action if required.
Categories
- 18.3K All Categories
- 6.3K Accounts Hosted
- 5.7K Reckon Accounts (Desktop)
- 10 PaySauce for Reckon Accounts NZ
- 977 Reckon Payroll App
- 12 Payroll App - Help Videos
- 13 Reckon Mate App
- 2.9K Reckon One
- 8 Reckon Invoices App
- 12 Reckon Insights
- 105 Reckon API
- 773 Payroll Premier
- 290 Point of Sale (Desktop)
- 1.8K Personal Plus and Home & Business
- 57 About Reckon Community