[Log4j Advisory] ADSelfService Plus 6119 released to remove Log4j dependency

[Log4j Advisory] ADSelfService Plus 6119 released to remove Log4j dependency


Hello Everyone,

We would like to inform you that ADSelfService Plus build 6119 has been released to remove Log4j dependency.

Issue fixed:
  • Log4j dependency in ADSelfService Plus has been removed to ensure security.
Is ADSelfService Plus affected by Log4j CVE-2021-44228 vulnerability?
CVE-2021-44228 refers to a critical RCE vulnerability found in Apache Log4j versions 2.0_beta9 through 2.12.1 and 2.13.0 through 2.15.0. For more details, refer to https://logging.apache.org/log4j/2.x/security.html.           
ADSelfService Plus used an older version of Log4j. Hence, the product is not susceptible to this particular vulnerability.

What issue does build 6119 fix?
Even though the version of Log4j used in ADSelfService Plus is not affected by this particular vulnerability (CVE-2021-44228), we have entirely removed Log4j dependency in ADSelfService Plus to ensure security.

What action should I take?
We highly recommend ADSelfService Plus customers to update to build 6119.

How to update?
You can update to the latest build using the service pack. Instructions on how to install the service pack are also given on the page.



New to ADSelfService Plus?
Download the fully functional 30-day free trial now

            Related Products