DXM System Status
Welcome to the DXM Health Status Board. Below you will find status information for each of our DXM services.

Content Management

CMS Platform
Access API

Dynamic Content

Content API
Search Service (G2)
Realtime Indexing

Personalization (WCO)

Content Delivery
Editor User Interface


Redirect Service
Fed Auth

WCO is currently experiencing issues.  This appears to be impacting both snippet delivery as well as the ability to update snippets from the UI.  A case has been opened with AWS to assist in restoring this service as quickly as possible.   Update: 11th Aug, 3:36pm MDT Snippets should be returning now. Engineering is still are working separately through some UI/Edit issues with WCO which they are making progress on as well. You may still seem timeouts but we expect that to be cleaned up shortly.   Update 11th Aug, 5:37pm MDT Remaining issues are related to DNS propagation issues.  We expect it may take longer than expected to fully propagate and restore WCO to normal functionality. Most issues appear to be impacting the UI and not with rendering snippets at this time.   Update 12th Aug, 3:35am MDT Services are operational again, though there may be still be some DNS locations that are slow to propagate.

Following last night’s release, a potential issue was discovered impacted filename/url for non-templated assets (uploads). In an effort to ensure customers will not experience this issue we will be running a rolling update at 5PM MDT today. This will not impact web sites or CMS availability. Update: 08/11/2022 7:21 PM MDT The change that introduced the bug has been successfully patched.  Behavior for non-templated assets using ../filenames/filename.aspx and url.aspx is once again running correctly.    

June 6, 2022 @ 11:45am MT - Update June 6, 2022 @11:50 AM MT Reports of CMS Issue At 11:45 am MT we began receiving reports of an outage for some clients. We have restarted services and those reports have been cleared up. We continue to monitor the services at this time.   

April 7th @ 1:05pm MT - Updated April 10th @4:00 pm MT Reports of Outage  Crownpeak is currently experiencing an issue with DNS that has resulted in the primary DNS entries for AWS being overwritten with default DNS server entries for Network Solutions DNS servers. This issue has been corrected; however it will take some time for the corrected entries to be fully propagated.  Due to this issue, you may have not been able to access the CMS as well as issues with SearchG2 queries. Non-production websites using 401 auth would also be impacted.  We have also identified that any sites point to our redirect service using redirect.crownpeak.net may have also been impacted.  Using IPs or using a cname of redirect.crownpeak.com would not have been impacted. As of 3:00 pm MT on April 10th, we are seeing DNS has fully propagated.  We do not expect users to experience any more issues accessing the applications noted.  

Spring4Shell Zero Day Vulnerability - 04.01.2022 12:00 pm MST Zero-Day Exploit in Spring Framework | Spring4Shell Crownpeak is actively monitoring the Spring4Shell zero-day CVE-2022-22965 vulnerability.  Please see CVE-2022-22963 and CVE-2022-22965. Our operations team has performed a thorough review of internal systems and support applications to determine if Crownpeak systems contain any exposure to the vulnerability.  These two vulnerabilities have been discovered almost at the same time and thus tend to get mixed up in the news although they have different attack vectors. At this time, no exploits have been identified while we continue to perform our investigation.  We are actively monitoring and managing the issue and have a team working on identifying potential risks in our software components and services. This article will be updated regularly to provide information about how the vulnerability affects Crownpeak and its ecosystem as well as details on how we handle the issue and what you can do to secure your systems.  Be aware that this vulnerability affects many applications as it's an issue in a framework widely used. The information contained in this article is thus... View full report

Log4j Zero Day Vulnerability Update – 12.14.2021 5:00 pm MST Crownpeak is actively monitoring the Log4j2 Zero Day Vulnerability disclosedon December 9, 2021 (CVE-2021-44228). Log4j2 affects the Apache Log4j 2 project and any systems which have deployed the library into an application. Our operations team performed a comprehensive review of internal systems and support applications to update or patch any affected systems. Updates on the review results have been posted to this thread. We continue to actively monitor the situation. The majority of Crownpeak’s products were not affected by the Log4j2 Zero Day Vulnerability, as they are not written in Java, or do not use the Log4j library.  The small subset of Crownpeak’s product components which leverage the Log4j library were affected have been identified and patched to eliminate the risk of exploit. Specific product details are listed below.  Crownpeak will be continuing to monitor our systems as well as third party components related to this situation closely and report any additional updates.   DXM – Hybrid Headless CMS  No exposure in the Windows hosting environmentThe core Java install on standard Linux hosting environments was... View full report