Blog

Apache Log4j Java Vulnerability (CVE-2021-4104, CVE-2021-45046, CVE-2021-44228)

Dec 22 2021

A critical vulnerability in Apache Log4j 2 impacting versions from 2.0-beta9 to 2.14.1 has been publicly disclosed (CVE-2021-4104, CVE-2021-45046, CVE-2021-44228).

SubscriberCRM does not use the Apache Log4j library. SubscriberCRM does include 3rd party products or plugins, and these too have been found not to use the Apache Log4j library. Notable 3rd party products or plugins include:

Crystal Reports
This is used to create specific reports from SubscriberCRM. They have confirmed they do not use the Apache Log4j library - https://answers.sap.com/questions/13545419/log4j-security-vulnerability-with-sap-crystal-repo.html.

InstallShield
This is used to install SubscriberCRM. They have confirmed they do not use the Apache Log4j library - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905.

Adept Tools
This is used for our Sage 50 integration. They have confirmed they do not use Apache Log4j library.

SubscriberCRM should not be affected by this vulnerability.

We would always recommend keeping SubscriberCRM up to date, and so please update to the latest version if it's not already. More information about updating SubscriberCRM can be found here.

Latest Posts

New Update Released v2.19.1.0
23/04/2024 15:22 | Elliott (SubscriberCRM)
New Update Released v2.19.0.0
17/04/2024 11:35 | Elliott (SubscriberCRM)
New Update Released v2.18.0.0
30/01/2024 15:40 | Elliott (SubscriberCRM)
New Update Released v2.17.0.0
14/07/2023 12:26 | Elliott (SubscriberCRM)
New Update Released v2.16.1.0
16/03/2023 12:39 | Elliott (SubscriberCRM)
New Update Released v2.16.0.0
13/03/2023 11:42 | Elliott (SubscriberCRM)
New Update Released v2.15.0.0
13/09/2022 15:46 | Elliott (SubscriberCRM)
Apache Log4j Java Vulnerability (CVE-2021-4104, CVE-2021-45046, CVE-2021-44228)
22/12/2021 10:32 | Elliott (SubscriberCRM)
New Update Released v2.14.0.0
18/05/2021 11:37 | Elliott (SubscriberCRM)
New Update Released v2.13.0.0
29/03/2021 10:41 | Elliott (SubscriberCRM)

Categories