Is the ABBYY FlexiCapture product affected by the CVE-2021-44228 vulnerability which was identified in the Apache Log4j logging software?
ABBYY has performed a full review – including source code and production environments – and has determined that the FlexiCapture Cloud and on-premise products are NOT affected by this vulnerability with the exception of the ABBYY FlexiCapture connector for Pega.
While the overall ABBYY FlexiCapture core product is not affected, the FlexiCapture connector for Pega was affected by the vulnerabilities.
ABBYY has released a patch for the ABBYY FlexiCapture connector for Pega and completely removed the Apache Log4j component to address these and possible future vulnerabilities.
Please download the patch here:
#1378/30, Build 22.214.171.124
Please refer to Release notes for information on how to install the update.