January 06, 2022
Final Updates on Log4j Vulnerability
Freshworks has completed a full assessment of our possible exposure to log4j. We have updated and/or patched all vulnerable instances of Java and, further, have had no indication of any compromise to our environment.

 

December 21, 2021
Updates on Log4j Vulnerability CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105
Freshworks continues to monitor for all the vulnerabilities disclosed recently related to the Apache log4j2 vulnerability. We have completed the upgrade of all the components using the vulnerable versions of log4j to v2.16. We are also further evaluating upgrading to v2.17 and will continue to post updates on our progress here.

 

December 16, 2021
Updates on Log4j Vulnerability CVE-2021-44228 & CVE-2021-45046
Freshworks continues to follow our vulnerability management process in patching Freshworks products and services to address the Apache Log4j2 vulnerabilities referenced in CVE-2021-44228 and CVE-2021-45046. We will continue to post updates on our progress here.

 

December 15, 2021
Update on Log4j Vulnerability CVE-2021-45046
We at Freshworks became aware of the added CVE-2021-45046 late yesterday and were able to quickly reset in terms of efforts related to upgrading and/or patching any vulnerable products and services. We will continue to update this site as we make progress.

 

December 14, 2021
Update on Log4j Vulnerability CVE-2021-44228
We have applied temporary patches/fixes until we are able to identify and apply more permanent solutions which we expect to be complete by December 28, 2021. We will provide further updates on this page once the activity is completed.

 

December 13, 2021
Log4j Vulnerability CVE-2021-44228
We at Freshworks take the security of our customers’ data seriously. We are aware of the recently disclosed Apache Log4j2 vulnerability (CVE-2021-44228) and are actively monitoring this issue. We are working to identify and patch any Freshworks products or services that may use the vulnerable component Log4j2.

For more information, please review CVE-2021-44228 and the Apache Log4j2 post. We appreciate your trust in us as we continue to make your success our top priority.