555-555-5555
mymail@mailservice.com
Apache Log4j allows insecure JNDI lookups that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the vulnerable Java application using Log4j. CISA has published Apache Log4j Vulnerability Guidance and provides a Software List. See this article for more technical details.
We can confirm that our Platopus platform does not make use of Java and so is unaffected by the Log4j security vulnerability.
Claris have confirmed that some versions of the FileMaker Server platform (v16.x and v17.x) do make use of Log4j. It is recommended that users upgrade to a currently supported version of FileMaker if they have not yet done so. See the Claris Log4j Q&A for full details.
Contact us to book in your FREE consulting session to provide an overview of how to go about upgrading to the Claris FileMaker 19.4 platform or alternatively take a look at our blog post outlining some of the upgrade considerations here.
All Rights Reserved | DataTherapy Limited