|
From: | Third Party Risk Management |
Subject: | Re: GNU Project (GNU Parallel) | Zoom Log4j Vulnerability Questionnaire |
Date: | Tue, 22 Feb 2022 01:32:25 +0800 |
Hi GNU Project Team,
Zoom needs your assistance regarding the recent Apache Log4j vulnerability. Log4j is a Java-based logging utility. Older versions are vulnerable to remote code execution (RCE) attacks, where an attacker could be able to modify logging configuration files. In order to provide assurance to our customers, Zoom is conducting outreach to our third parties to mitigate the potential risk of compromise due to these vulnerabilities.
As a third party to Zoom, we are requesting that your company complete the attached questionnaire by February 18, 2022 (Friday). Please provide any supporting documentation on your company’s formal response to how you are addressing the vulnerability.
--Your response must cover the following products/applications in use at Zoom:
GNU Parallel
If you have any questions or concerns, please reach out to TPRM@zoom.us. Thank you for your participation!
Zoom Third Party Risk Management
Zoom_Vendor Questionnaire_Log4j Vulnerability.docx
Description: MS-Word 2007 document
[Prev in Thread] | Current Thread | [Next in Thread] |