Hi GNU Project Team, The Log4j questionnaire sent on *Feb 15, 2022*, is overdue. Zoom requires this information in order to ensure no further compromise due to the vulnerability. Please submit the questionnaire as soon as possible.
Thank you for doing your part in protecting Zoom! Zoom Third Party Risk Management On Wed, Feb 16, 2022 at 5:55 AM Third Party Risk Management < [email protected]> wrote: > Hi GNU Project Team, > > > > Zoom needs your assistance regarding the recent Apache Log4j > vulnerability. Log4j is a Java-based logging utility. Older versions are > vulnerable to remote code execution (RCE) attacks, where an attacker could > be able to modify logging configuration files. In order to provide > assurance to our customers, Zoom is conducting outreach to our third > parties to mitigate the potential risk of compromise due to these > vulnerabilities. > > As a third party to Zoom, we are requesting that your company complete the > attached questionnaire by *February 18, 2022 (Friday)*. Please provide > any supporting documentation on your company’s formal response to how you > are addressing the vulnerability. > > Your response must cover the following products/applications in use at > Zoom: > > - > > GNU Parallel > > > If you have any questions or concerns, please reach out to [email protected]. > Thank you for your participation! > > Zoom Third Party Risk Management > > -- > [image: Zoom Logo for Email Signature.png] <https://zoom.us/> > > *Third Party Risk Management* > > Zoom Video Communications > [image: Zoomtopia] > <https://explore.zoom.us/docs/ent/10yr-aniversary-12.html> >
Zoom_Vendor Questionnaire_Log4j Vulnerability.docx
Description: MS-Word 2007 document
