IMPORTANT: Information on security vulnerability in log4j-Library
IMPORTANT: Information on security vulnerability in log4j-Library
UPDATE 16.12.2021 - A new patch addressing the CVE-2021-44228 and most recently reported CVE-2021-45046 vulnerability in Log4j library has been prepared for eMMA and is ready for download. (Please refer to the latest version of this patch.)
UPDATE 15.12.2021 - A patch addressing the CVE-2021-44228 vulnerability in Log4j library has been prepared for eMMA and is ready for download. (Please refer to the latest version of this patch.)
Since Friday, Dec. 10, 2021, it is known that the critical zero-day vulnerability in log4j version 2.0-beta9 to 2.14.1 endangers numerous servers and apps. On Saturday, the German Federal Office for Security (BSI) declared the highest warning level for this vulnerability.
If there are any further developments or findings regarding the security vulnerability in connection with our eMMA software solution, we will inform you on this page.
If you have any further questions, please do not hesitate to contact us at the following email address: emma.support.qdas@hexagon.com
Other products from the Q-DAS Statistics portfolio (e.g. qs-STAT, solara.MP, O-QIS, M-QIS, RTM, PLV, etc.) as well as IMC are NOT affected by this security vulnerability.
Thank you for your understanding
Your Hexagon Team