Situation - What happened?
On December 9, 2021, it was reported and Apache confirmed that a new vulnerability was identified impacting Apache Log4j utility. For additional details on the Log4Shell vulnerability see CVE-2021-44228
What is the impact?
This could impact many companies that do business on the internet. Our priority is the security and integrity of our systems and data. In accordance with Mediaocean’s incident response plan, we have been analyzing and we continue to actively analyze the exposure of our application suites for both Mediaocean and Flashtalking by Mediaocean solutions, and we are continuing with our thorough review of our application logs by leveraging code scanning tools including industry-standard static analysis tools. We continue to monitor our systems, and to date we do not have any evidence of our systems being compromised by the Log4j vulnerability. We will continue to assess the impact and remediate or mitigate as required.
Flashtalking Application Details
The Flashtalking application suite has limited exposure that does not impact Ad Serving or customer assets. Patches addressing this issue will be completed over the course of the week.
Mediaocean Product Details
Buyer Workflow (Prisma)
Prisma has limited exposure that does not impact any customer data, and the affected areas will be hot fixed this week.
Spectra O/X
Spectra O/X has limited exposure that does not impact any customer data, and patches addressing this will be completed by Friday.
Spectra D/S
Spectra D/S has limited exposure that does not impact any customer data, and patches addressing this will be completed by Friday.
Social Ads (Scope)
Scope was not impacted by this issue.
Media Finance (Ignitia)
Ignitia was not impacted by this issue.
Global Plans (Lumina)
Lumina was not impacted by this issue
Estimates and Costs (Aura)
Aura has limited exposure that does not impact any customer data, and the affected areas will be patched this week.
Deal Maker
Deal Maker was not impacted by this issue.
A/V
A/V was not impacted by this issue.
Additional measures
- Our firewall vendor has updated Intrusion Protection/Detection with a profile for this vulnerability. This adds another layer of protection to many environments. Currently, our firewalls are running secure versions and do not require any additional patching.
- Mediaocean has deployed a host-based intrusion detection system to production hosts, which provides active 24/7 intrusion mitigation and alerting, a dashboard highlighting any attempted exploits of the vulnerability on monitored servers not blocked, and a listing of executions that show Log4j use.
- Our Operations team is reviewing common server services and vendor updates.
For additional information, please reach out to our Tech team at tech@mediaocean.com