December 13, 2021 from Teodora Zaneva

A serious security vulnerability in the Java logging framework Log4j 2 is ringing alarm bells among IT experts.

We do not use Log4j 2 in any of our products, with the exception of our CMIS Server (with core of tia®). Nevertheless, we decided to create a Security Advisory to support our customers in dealing with the vulnerability in the best possible way.

We will actively contact customers who are already working with our CMIS Server or core of tia® in order to deactivate the security vulnerability together with them. In addition, a new version will be available shortly in which the affected version has been replaced.