December 13, 2021 – Advisory: Vulnerability in Apache Log4j2 Library Affecting InterSystems Products

InterSystems is currently investigating the impact of a security vulnerability related to Apache Log4j2.

The vulnerability — impacting at least Apache Log4j2 (versions 2.0 to 2.14.1) — was recently announced by Apache and is reported in the United States National Vulnerability Database (NVD) as CVE-2021-44228 with the highest severity rating, 10.0.

Please see this page for more details about the vulnerability and updates on whether InterSystems Products are affected.