Summary

Appeon is aware of the recently disclosed security vulnerability CVE-2021-44228 relating to the Apache Log4j Java logging framework. The vulnerability makes some protocols unsafe and can allow remote code execution.

Appeon has promptly launched an investigation. This Security Bulletin summarizes the results of our investigation to date.

Appeon products affected?

  • PowerBuilder

    PowerBuilder is affected. For more information, see PowerBuilder Security Bulletin.

  • PowerServer

    PowerServer is affected. For more information, see PowerServer Security Bulletin.

  • InfoMaker

    InfoMaker does not use Log4j, therefore it is not affected.

  • SnapDevelop

    SnapDevelop does not use Log4j, therefore it is not affected.

  • .NET DataStore

    .NET DataStore does not use Log4j, therefore it is not affected.

  • PowerScript Migrator

    PowerScript Migrator does not use Log4j, therefore it is not affected.

Questions?

If any questions regarding this security bulletin, please open a support ticket on the Appeon Website:/standardsupport/newbug.