Dear Valued Partner,

As you may have heard, a recently discovered flaw in commonly used software is raising concerns over unauthorized access risks. CVE-2021-44228, also known as Log4J, was announced on December 10, 2021, as a high severity vulnerability that is being actively exploited in the wild. When exploited, unauthenticated remote codes can be executed, compromising systems that are accessible on the internet. This is a global issue that impacts Apache Log4j 2 installations.

At Supplies Network, we have a dedicated security team that continually monitors our systems and networks for vulnerabilities, which now includes CVE-2021-44228. We have already begun our remediation plans and are working closely with our partners as they develop and provide updates and patches for their tools. We expect minimal or no meaningful impact at this time.

We strive to keep our customers informed on any critical issues that may have a potentially widespread impact. We will send updates based on any change in status.

As always, thank you for your business.

The Supplies Network Team