Statement regarding the LOG4j security vulnerability
On Friday, December 10th, 2021 a major security vulnerability was discovered in Apache’s Log4j software library, also known as “Log4Shell.”
Log4j is very broadly used in a variety of consumer and enterprise services, websites, and applications—as well as in operational technology products—to log security and performance information. An unauthenticated remote actor could exploit this vulnerability to take control of an affected system.
ARIS Solutions has conducted an audit of our internal systems and an audit of our key technology partners. At this time we have confirmed that all the systems used by ARIS are either not affected, or have been upgraded to versions that resolve this vulnerability.