log4j vulnerability fixed in new Commander Connect
The Java security gap called log4j is currently threatening many systems. The log4j library was also by default part of our Commander Connect up to version 4.10, but was non-functional. Therefore, we estimate the danger for our customers to be very low.
Nevertheless, it is theoretically possible that attackers can cause damage with access to your Commander Connect installation and some effort.
For this reason, we have completely removed the log4j library in the newly released version 4.11 of Commander Connect to eliminate even the last risk. We recommend you update to the new version as soon as possible. Customers who have purchased our Software Care Plan (SCP) can update immediately via the deister Dashboard.
If you have not yet signed up for a Software Care Plan but would also like easy and fast access to the latest updates, please contact your deister electronic representative. Alternatively, you can also reach us easily via our contact form.