In Neo4j AuraDB the issue known as CVE-2021-44228 has been mitigated. Aura deployed a configuration fix on Friday 10th December that was applied to all existing Aura Databases. All newly created Databases will also have the configuration fix.
Our effort to review and monitor the situation with our security team is ongoing, however, at present we have not found any signs of intrusion or exploitation of this vulnerability.
As a precautionary measure, it is best practice to ensure you change database passwords regularly, especially if you had not previously changed from the default ones generated at creation.
Please contact our support team (https://aura.support.neo4j.com/hc/en-us
) if you would like to discuss anything further in the meantime.
For the vulnerability and impact assessment on Neo4j , see https://neo4j.com/security/log4j/