Infor – Critical Notification Announcement
Date Posted: 12-17-2021
[UPDATE] Security vulnerabilities related to Apache Log4j2, CVE-2021-44228 and CVE-2021-45046
Issued: December 16, 2021
In addition to the critical security vulnerability related to Apache Log4j2, described in CVE-2021-44228, a second vulnerability, CVE-2021-45046 was introduced. Infor continues to provide general and solution-specific information related to both Apache Log4j vulnerabilities and to develop updates and patches where appropriate to help mitigate these issues.
Please see master Knowledge Base (KB) article 2229037 for:
- General Apache Log4j information
- Solution-specific status updates and links to information.
Use the ‘Sign up’ feature in the KB header to receive notification when new information is available and to be updated on this issue.
Thank you for your continued patience and support.
The purpose of Critical Notifications is to inform you of urgent changes that have been implemented via a solution or workaround or to provide an explanation of actions you may need to take. Critical Notifications only pertain to the release(s) indicated in this document. These notices are not normally backward or forward compatible. The alert notice will remain in effect until that release has been retired or an end-date has been specified. Any questions regarding this Critical Notification should be directed to Infor Support.