Hi all,An impact assessment has taken place on the IFS Maintenix tech stack to determine required mitigation actions to secure your on prem systems. Please note only versions 8.3 and 8.3-SP1 are affected by this issue. We will be releasing software updates on all supported streams to upgrade log4j2 to version 2.15.0.2021-12-14 Update: We anticipate software updates to be delivered by Friday 2021-12-17.2021-12-14 Update: Updates will upgrade to Apache’s log4j 2.16.0.2121-12-17 Update: Apache has released a new CVE-2021-45046 to indicate that the below recommended mitigation techniques are not sufficient to contain all possible vectors. The new recommendation is to install log4j 2.16.0 which completely removes the ability to perform a JndiLookup, there is an alternate mitigation technique to manually remove the class file from the jar if an upgrade to 2.16.0 is not possible. Please refer to Apache’s security article on this topic. ALL >= 8.3 IFS MAINTENIX INSTALLATIONS: The alternate
Already have an account? Login
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
