fbpx Skip to content

Update on Apache Log4j2 Vulnerability

December 10, 2021
Security Advisory

A vulnerability within the Apache Log4j2 tool was identified on Friday, December 10, 2021: CVE-2021-4428. Log4j is a logging framework created by Apache and used widely across the internet. Many services across different industries are potentially vulnerable.

Our engineering teams are conducting a complete assessment, and to-date have found no evidence of any compromise on any insightsoftware servers. Regardless, we have remediated all open, public-facing systems where there was a vulnerable version of this tool being used.

insightsoftware Products:

insightsoftware can confirm that the following products and services are not vulnerable to the Apache Log4j vulnerability:

  • ArcPlan (LongviewAnalytics)
  • Atlas
  • BizInsight
  • Bizview
  • Calumo
  • Certent CDM
  • Certent DM
  • CXO
  • Event 1
  • Exago
  • Hubble
  • IDL
  • Intellicast
  • Izenda
  • Jet Analytics
  • Jet Reports
  • Logi Composer
  • Longview Tax and Close
  • Magnitude Angles for Oracle (Noetix)
  • Magnitude Agility (SaaS version)
  • Magnitude Angles Cloud
  • Magnitude Kalido (SaaS version)
  • Mekko Graphics
  • Spreadsheet Server
  • Tidemark
  • ViaReport Consol
  • ViaReport Lease
  • Wands for Oracle
  • Wands for SAP

The following on-premises products that are used within customers’ networks but not open to general Internet traffic, may have a vulnerable version of Apache log4j if the customer is not restricting application usage to authenticated users within its network. insightsoftware has provided a configuration workaround to remediate the issue on the product support pages:

  • Konsis
  • Logi Info
  • Logi Report
  • Logi Info
  • Magnitude Agility.
  • Magnitude Angles for SAP
  • Magnitude Noetix Analytics
  • Magnitude Angles Hub
  • Magnitude Kalido
  • Magnitude Simba (DynamoDB, MongoDB, DataStacks, Neo4j, Spark, Hive, Impala)
  • Magnitude SourceConnect Harmonization

insightsoftware continues to monitor this developing situation. Please check back here for updates.