Hyland Connect

Hyland conducted an initial review of Alfresco internally developed products and determined there is no impact by the CVE-2021-44228 related to Apache Log4j.

Update: 2021-12-15

There are two OEM products developed by OEM partners that are affected by the CVE-2021-44228 related to Apache Log4j. More information is available below:

• Simflofly, also known as “Alfresco Federation Services”: https://docs.simflofy.com/administration/log4j-vulnerability
• Ephesoft, also known as “Alfresco Capture”: https://ephesoft.com/docs/products/transact/announcements/product-announcements/log4j-vulnerability/

Correlated links:

• https://community.hyland.com/connect/hyland-research-and-development/security-advisories/CVE-2021-44...