DBMS Connector for ABBYY Timeline Log4j vulnerability and fix

On December 10, 2021, a zero-day vulnerability was identified in the Apache Log4j logging software (CVE-2021-44228). The identified vulnerability allows remote code execution by unauthenticated threat actors. The severity of the vulnerability has been deemed critical.

The ABBYY Timeline Connector for DBMS doesn’t come with log4j but can use one installed on the same system. To mitigate the vulnerability please upgrade log4j to the latest version without the vulnerability. Please consult the Apache website here: https://logging.apache.org/log4j/2.x/security.html.

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.