Impact of the Log4Shell vulnerability on our products
The German Federal Office for Information Security (BSI) warns of a critical vulnerability Log4Shell (CVE-2021-44228) in the widely used Java library Log4j - and has upgraded its existing cyber security warning to warning level red since 12/11/2021. In this context, additional vulnerabilities were published on 12/10/2021 (CVE-2021-45046) and 12/18/2021 (CVE-2021-45105).
TA Triumph-Adler takes these security vulnerabilities very seriously and is carefully checking the extent to which our own offerings or partner products distributed by us are affected.
Affected products: Information sources & contact options (as of 01/18/2022)
- enaio®, yuuvis® RAD and yuuvis® Momentum | enaio®, yuuvis® RAD and yuuvis® Momentum | Release Warning on the critical Zero Day Exploit in Log4j (optimal-systems.com)
- Kofax Autostore | Kofax products and Apache Log4j2 vulnerability information
- TASIM server. 1.1.2001 | Affected by CVE-2021-44228. A countermeasure version has been released. Please contact our support team at email@example.com.
- Licence server for TASIM and TA Capture Manager | Affected by CVE-2021-44228. Update applied on 12/17/2021.
The following products are NOT affected by the vulnerabilities (as of 01/18/2022)
- All TA and UTAX MFP and printer as well as drivers and utilities
- TA Cockpit®/ UTAX smart
- TA Fax-Server powered by IPTAM
- TA/UTAX Zeitblick
- aQrate / MyQ
- AFI applications
- Cadosys Produkte
- Forms4Work, Mercury
- PlanetPress Suite
- Scan2 OCR powered by ABBYY, ABBYY FineReader, ABBYY FineReader Server
- TAKWA Form Server Version 1.2.14
We are currently evaluating further solutions and will successively publish more information here. In case of doubt, please feel free to contact our service support at firstname.lastname@example.org.