KB Article #181965
Impact and resolution of CVE-2021-44228 (Log4Shell) in Axway Cloud Amplify Application Integration
Context
A 0-day vulnerability in the popular Java logging library, log4j, was published on GitHub along with a POC that shows the possibility of Remote Code Execution (RCE) if log4j logs an attacker-controlled string value, CVE-2021-44228.
Axway is aware of Log4j CVE-2021-44228 and is evaluating its impact on all Axway products. As conclusions and recommendations are available we will be publishing them in the dedicated Alert on support.axway.com: https://support.axway.com/news/1331/lang/en
The current article intends to provide recommendations and technical clarifications with regards to the impact of CVE-2021-44228 in Axway Cloud Amplify Application Integration.
Impacted Products
Axway Cloud Amplify Application Integration does not use log4j and is not affected by this vulnerability.