Many of our users will have seen recent news about ongoing problems with the Zero-Day attack which exploits vulnerabilities in the Apache Log4j library - CVE-2021-44228
The identified vulnerability is with the log4j-core jar file core jar file which is not used by Digital.ai Agility.
We also do not ship the log4j-core dependency with the Java SDK API Client. However, customers using the SDK may have pulled it in from the nexus maven repository themselves, and if so, should review their Log4j version and update accordingly as soon as possible.
To view Log4J notices for other Digital.ai products, please see Log4J Vulnerability to Zero Day Exploit and Digital.ai.
Please sign in to leave a comment.