
Companies of all sizes are facing heightened cyber security threats from state actors, increasing supply chain attacks and open source vulnerabilities. Keeping customers informed, enabled and protected is Sumo Logic's highest priority.
September 28, 2023
Sumo Logic is aware of the vulnerabilities (CVE-2023-5129 and CVE-2023-4863) published by Google, which indicate a critical vulnerability in libwebp. We are actively investigating to identify all areas where we may be using vulnerable versions of this library. As of now, our investigations have revealed no indications of compromise. We will keep this page up to date as our investigations continue.
June 20, 2023
Sumo Logic is aware of the vulnerabilities (CVE-2023-34362, CVE-2023-35036, and CVE-2023-35708) published by Progress Software, indicating that the MOVEit Transfer tool was vulnerable to multiple SQL injection flaws. Our investigation suggests that Sumo Logic is not impacted, as our products and services do not use the MOVEit Transfer tool. Our current assessment is that no action is required from our customers, but we will continue to monitor and update as appropriate.
Nov 4, 2022
Sumo Logic is aware of the recently announced OpenSSL vulnerabilities (CVE-2022-3786 and CVE-2022-3602). Our initial investigation suggests that Sumo Logic is not impacted as our products and services do not rely on OpenSSL. Our current assessment is that no action is required from our customers, but we will continue to monitor and update as appropriate.
April 1, 2022
Sumo Logic has validated that we do not use any part of the vulnerable Spring Cloud framework found in CVE-2022-22963. We have also reviewed CVE-2022-22965 and have validated that Sumo Logic is not vulnerable to known exploitable methods. Out of an abundance of caution, we will be updating our Sumo Logic Service; however, no action is required on your part. The Sumo Logic collector is not vulnerable to known Spring Cloud framework exploitation methods.
March 31, 2022
Sumo Logic is aware of CVE-2022-22963, which is an exploitable Remote Code Execution (RCE) in Spring Cloud Functions. Our initial investigation suggests that Sumo Logic is not impacted. Our current assessment is that no action is required on your part at this time, but we will continue to monitor and keep you posted as our analysis progresses.
Beginning early in the morning on Dec. 10th, Sumo Logic’s security team investigated and validated the nature and severity of the exploit against potential points of compromise and determined that at NO time was Sumo Logic exploited.
We use a custom SumoLog4Layout library that never invokes custom lookups (as compared to Apache Log4j) so the Sumo Logic Service was never impacted.
Summary
A support engineer's laptop at the Identity and Authentication (IAM) firm Okta was compromised.
What steps has Sumo Logic taken?
Our Global Operations Center investigated Okta’s evolving situation as Sumo Logic currently leverages Okta's federated identity solution. So far we have no evidence that Sumo Logic, our employees or services are impacted in any way.
What can I do?
Customers and prospects currently in a 30-day trial can use the Okta app to determine if they are compromised and leverage Cloud SIEM targeted searches.
Actively monitoring current threats in real-time to ensure customers are not impacted
Creating easy-to-copy search queries and filters customers can use to determine if they are at risk
Providing security-specific onboarding to prospects in our 30-day trial to help them determine if they are compromised.
Start a 30 Day trial
Leverage our application integrations and log ingesting capabilities to determine if your organization has been compromised
Talk to our security experts
Take a tour of our security capabilities and Cloud SIEM. Our team can walk you through common threat response scenarios and how to build proactive threat monitoring.