Outage in Inline Manual

Log4j RCE vulnerability mitigation

Resolved Minor
December 16, 2021 - Started about 3 years ago - Lasted 3 months
Official incident page

Need to monitor Inline Manual outages?
Stay on top of outages with IsDown. Monitor the official status pages of all your vendors, SaaS, and tools, including Inline Manual, and never miss an outage again.
Start Free Trial

Outage Details

Incident ongoing since December 11th. We're following the evolution of the situation around CVE-2021-45046. Our Engineering and Security teams started to work on log4j incident on December 10th in the morning EU time and updated, mitigated or removed the vulnerable log4j packages from our environment. No misuse has been detected and active threat hunting continues. Our mitigation actions: - Updated log4j where possible - Scanned logs retrospectively one month back for various scenarios - Our security team is still actively hunting for signs of exploitation The service affected is not directly accessible through internet. It sits within our private network. The request can be made through an API which goes through application first, not passing any headers and it correctly sanitizes all user entered content. This has been verified and confirmed. The service itself logs only minimum information, none of the user entered content makes it through to the logs. The attacker would need to be logged in to Inline Manual Portal or have API Access Tokens to be able to communicate indirectly through the API with the service - we have not detected any attempts to do so.
Latest Updates ( sorted recent to last )
MONITORING about 3 years ago - at 12/18/2021 09:24AM

We are closely following Log4j vulnerability evolution and the latest release of Log4j 2.17.0.

As we have fully removed Log4j packages from our infrastructure, we are not affected by newly found issues within Log4j packages.

MONITORING about 3 years ago - at 12/16/2021 10:35AM

Incident ongoing since December 11th.
We're following the evolution of the situation around CVE-2021-45046.

Our Engineering and Security teams started to work on log4j incident on December 10th in the morning EU time and updated, mitigated or removed the vulnerable log4j packages from our environment.

No misuse has been detected and active threat hunting continues.

Our mitigation actions:
- Updated log4j where possible
- Scanned logs retrospectively one month back for various scenarios
- Our security team is still actively hunting for signs of exploitation

The service affected is not directly accessible through internet. It sits within our private network.
The request can be made through an API which goes through application first, not passing any headers and it correctly sanitizes all user entered content. This has been verified and confirmed.
The service itself logs only minimum information, none of the user entered content makes it through to the logs.
The attacker would need to be logged in to Inline Manual Portal or have API Access Tokens to be able to communicate indirectly through the API with the service - we have not detected any attempts to do so.

Latest Inline Manual outages

Authoring Tool Unavailable - about 1 year ago
Degraded performance - People tab - almost 2 years ago
Google Cloud Downtime - All apps - about 3 years ago

Need to know when vendors go down? You’re in the right place

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 3278 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook

Setup in 5 minutes or less

How much time you'll save your team, by having the outages information close to them?

14-day free trial · No credit card required · Cancel anytime