Informasjon om Compello og Spring4Shell
Incident Report for Compello AS
Resolved
This incident has been resolved.
Posted Jun 24, 2022 - 08:39 CEST
Monitoring
Vi får inn henvendelser fra kunder knyttet til sårbarheten som er avdekket i Java-rammeverket Spring Framework, omtalt som Spring4Shell, ref. oppdatering fra Nasjonal Sikkerhetsmyndighet 31.mars:
link til artikkel hos NSM

Vi har gått i gjennom våre systemer og verifisert at alle systemer vi har direkte kontroll over ikke er sårbare for dette.

Compello er et Visma selskap. Les mer sårbarheten og hvordan Visma jobber med sikkerhetstrusler her:
link til visma.com

---
Mvh
Compello Operations
Posted Apr 06, 2022 - 12:24 CEST
This incident affected: SEND (SEND - eInvoice Portal Login - Compello ID API, SEND - eInvoice Portal, SEND - eInvoice API, SEND - File collector Azure, SEND - Access Point, SEND - Reports API, SEND - eInvoice Portal Login - Compello ID, SEND - FTP - transfer.compello.com, SEND - Major internal component - Json API, SEND - Portal API Partner, SEND - Portal API, SEND - Linkmobility API, SEND - VIPPS, SEND - Validation, SEND - Bank integration NOR - NETS API, SEND - Fjordkraft API, SEND - Processing - invoices, SEND - SendMail, SEND - Digipost, SEND - SendInvoice API, SEND - Print delivery, SEND - Evo Pdf API, SEND - PassThroughInvoicing API, SEND - Bank integration SWE, SEND - VAX Transfer - mySupply®DK, SEND - NETS Enrollment Washer), EDI/FMS/ELHUB (EDI/FMS - EDI Web, EDI/FMS - Powel API, EDI/FMS - ELHUB - Query, EDI/FMS - EDI Portal, EDI/FMS - Mail delivery, EDI/FMS - Powel API, EDI/FMS - AS4FMS), PROCESS (PROCESS - Legacy Silverlight Web, PROCESS - Touch web, PROCESS - Web Router, PROCESS - Legacy PDF Collector, PROCESS - Interpreter service, PROCESS - Integrations - REST api, PROCESS - Process Approve Web, PROCESS – Mail Import), and RECEIVE (RECEIVE - Receive Service).