Support: Apache Log4j Vulnerability

We are aware of the security advisories regarding the Apache Log4j Vulnerabilities announced between December 9th, 2021 and December 27th, 2021. More information can be found here: https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability

We have determined that there is a very low risk to PrizmDoc Viewer customers using PrizmDoc Viewer version 13.5 or newer.  However, out of an abundance of caution, we strongly recommend that customers update their installation of PrizmDoc Viewer to version 13.19.0.9615 or later which has the latest version of Log4j.

Although the impacted version of Log4j is shipped with our product, it is mitigated because we do not write user-supplied data to our logs therefore an RCE attack is almost impossible.

If you are running a PrizmDoc Viewer/Server prior to 13.5 (November 2018) you should upgrade immediately to the most recent version. Version upgrades in 13.x are backwards compatible and do not require code changes to support the backend upgrade. If you have concerns, please contact Accusoft support https://my.accusoft.com/ or support@accusoft.com

To download the most current version of PrizmDoc Viewer please visit: https://www.accusoft.com/products/prizmdoc-suite/prizmdoc-viewer-trial/ and look for  13.19.0.9615 or newer preview build.

In accordance with our security vulnerability policy, the official PrizmDoc Viewer version 13.19 with an updated version of Log4j  is planned to release on January 25, 2022.

Additional information on our security policy can be found here: https://www.accusoft.com/company/legal/support-policy/

If you have additional questions please contact support@accusoft.com.

Your Accusoft Team

Get Started Today

Let us get your application up and running quickly. With enablement services, you can expect us to help you create a proof of concept and dig into  your production plan. We tailor our plan to help your organization’s specific needs. Contact us for more details.