Storable Responds to Log4J Software Vulnerability
A newly uncovered computer vulnerability is setting off alarm bells throughout the business world, as a flood of cybercriminals rush to exploit it.
The vulnerability was found in a Java software utility called Log4j. The open-source code is used extensively by commercial software developers and powers everything from web cams to industrial control systems.
Simply put, the code is used to log user activity. However, attackers can use the exploit to take over critical systems without a password or inject malware directly on infiltrated computers. Already close to half of corporate networks have experienced an attempted attack using this exploit, making efforts to address the vulnerability a top priority for companies around the world.
At Storable, we take any security threat seriously and take all actions necessary to keep our clients safe. In the spirit of transparency, this post summarizes the results of our investigation to date and recommended steps for customers.
Immediate response
On Friday, December 10, 2021, the Storable cyber security team became aware of a critical vulnerability in the Apache Log4j2 java library (CVE-2021-44228). We immediately initiated our incident response process to determine our usage of this library and its impact across Storable, our products and our infrastructure.
Facility management software
Storable’s family of facility management software products includes Sitelink, storEDGE and Easy Storage Solutions. None of these FMS solutions are written in Java nor do they utilize the affected Log4j2 java library. We identified one (1) third-party tool used internally in support of our FMS software that was affected by the Log4j2 vulnerability. The vulnerability has been addressed.
Marketplace
We identified two (2) third-party software products used internally in support of the marketplace website that were affected by the Log4j2 vulnerability. The vulnerability has been addressed in both of these products.
Websites
None of Storable’s websites products are impacted by the Log4j2 vulnerability.
Insurance
None of Storable’s insurance products are impacted by the Log4j2 vulnerability.
Payments
None of Storable’s payment processing products are impacted by the Log4j2 vulnerability.
All hands on deck
Storable’s cyber security team continues to investigate our exposure to this vulnerability and we will provide further updates if any new risk to our users or our products is identified. We also monitor our IT environment 24x7x365 for threat activity so that we can respond quickly to any identified malicious activity. At this time, we are not aware of any vulnerabilities in our IT environment related to the CVE-2021-44228. Storable customers should feel confident using our products knowing that we are taking appropriate measures to address this widespread vulnerability.

Dominate Your Market: The Self-Storage Customer Experience Playbook
A new phase of growth and transformation in the self-storage industry is just around the corner. Keep Reading

City Storage Scales Their Portfolio with Storable’s Dynamic Solutions
With ambitious growth plans, including 2–3 new facilities scheduled annually, City Storage recognized the need for a scalable, integrated technology solution to manage operations seamlessly across multiple states. Their answer? Storable. Keep Reading

Lock-It-Up Self Storage Modernizes Operations and Reduces Costs with storEDGE
Lock It Up Self Storage, an Ohio-based company with 17 locations, has been a trusted name in their local market for over 30 years. In their commitment to provide best-in-class service, Lock It Up recognized the need to modernize their operations to meet evolving customer expectations. Keep Reading