Support requests submitted on the web or by email are answered the next business day. For emergency assistance, please call our 24-hour support line at +1 888.977.1618.
Apache Log4j Vulnerability (CVE-2021-44228)

Our products do not suffer the reported vulnerability, because we do not use JVM, which is a key component of the vulnerability. Vulnerable files under this CVE do not exist on DSP or ADFR servers (unless of course they are part of other installed software, unrelated to Semperis). Please be aware that your server may contain .JAR archive files related to SQL Express or other software, which are not indicative of the presence of Java, or the vulnerability.

You can run a PowerShell script from the link below to check for vulnerable software installed on your DSP/ADFR (or any) server, which will confirm the absence of the vulnerable files:

Very kind regards,
Jim Doggett CISO – Semperis