All systems are operational

Past Incidents

Monday 27th December 2021

No incidents reported

Sunday 26th December 2021

No incidents reported

Saturday 25th December 2021

No incidents reported

Friday 24th December 2021

No incidents reported

Thursday 23rd December 2021

No incidents reported

Wednesday 22nd December 2021

No incidents reported

Tuesday 21st December 2021

Apache Log4j RCE Vulnerability (CVE-2021-44228 & CVE-2021-45046)

Due to recent developments regarding a major vulnerability on Apache Foundations' Log4j software package, we are currently investigating all managed servers, and are patching those that require it accordingly.

We will be updating this notice as and when we have more information concerning this matter.

UPDATE (17:30 13/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

All of our core servers (including backups, shared hosting, and similar utilities) have been checked, and appropiate works carried out where applicable.

UPDATE (10:00 14/12)

We have continued to work on all managed servers overnight, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

At this time we have identified the following common services to be vulnerable:

  • Cisco Firepower Threat Defense (FTD) (managed by Firepower Device Manager (FDM))

  • Adobe ColdFusion Versions 2018 & 2021

  • cPanel Solr (Dovecot plugin)

(Note: this is not an exhaustive list)

If you are unsure about the vulnerability of any software package then we strongly recommend that you contact the vendor for more information, or check their website(s) for more information.

UPDATE (09:30 15/12)

We have continued to work on all managed servers overnight, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We are continuing to monitor updates from software vendors in order to provide the most up-to-date solutions to this vulnerability.

UPDATE (13:30 15/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We are also reviewing the recently announced CVE-2021-45046, and how best to ensure that this is also mitigated in software updates/remediation actions as part of the response to CVE-2021-44228.

UPDATE (17:00 15/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability. These works will continue overnight.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (09:30 16/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (13:30 16/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (17:00 16/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (09:30 17/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (13:00 17/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We have reviewed CVE-2021-45046 and have restrospectively applied any further mitigations where required.

UPDATE (10:30 21/12)

We are continuing to work on all managed servers, and will be in contact if your server has been affected or has had work carried out to mitigate the vulnerability.

We are also now reviewing CVE-2021-45105 as an update over the previous two CVEs (CVE-2021-44228 & CVE-2021-45046), regarding Log4j.