Known Issues
- 11 Jan 2022
- 1 Minute To Read
- Print
- DarkLight
- PDF
Known Issues
- Updated On 11 Jan 2022
- 1 Minute To Read
- Print
- DarkLight
- PDF
Article summary
This page outlines known issues affecting Mambu and its services, including the Mambu Process Orchestrator, Connectors, and APIs. A significant concern is the Log4j vulnerability, known as Log4Shell. Mambu has been actively addressing this security threat, confirming that all affected services have been updated, Web Application Firewall (WAF) rules have been implemented, and traffic from anonymizer services like TOR is blocked. A dedicated external penetration test focused on this vulnerability has shown no further issues. Additionally, users of the Mambu Process Orchestrator may experience UI problems after an update if they were logged in during the process. The recommended solution is to clear the browser cache and log in again. The information was last updated in January 2022, and Mambu continues to monitor the situation for any further developments.
Did you find this summary helpful?
Thank you for your feedback
This page describes any known issues affecting Mambu, Mambu Process Orchestrator, our Connectors, our APIs, or any other Mambu services or tools.
| Product or Feature | Issue | Comments and/or Remediation Steps | Date Added |
|---|---|---|---|
| All Mambu Products | Log4j vulnerability Log4Shell | Mambu has been actively managing and mitigating threats associated with the recently disclosed security issue Log4Shell (initially CVE-2021-44228 - Log4j2, and other related ones). We continue to actively monitor the situation and we will provide new updates and new posts as required. At this moment we can confirm that all identified affected Mambu services were updated, related WAF rules have been deployed, traffic from anonymizer services such as TOR are blocked, and a dedicated external penetration test with only that particular library in scope has been conducted without any further findings. | Jan 2022 |
| Mambu Process Orchestrator (MPO) | After an update, the UI may sometimes have problems for any user who was logged in while the update occurred. | Clear your browser cache and log in again. | Jan 2022 |
Was this article helpful?
