Following the December 10, 2021 announcement of the critical Log4j2 security vulnerability (CVE-2021-44228), Appian determined that impacted versions of Log4j2 were being used in the Appian platform. Appian has taken the following actions in response:
Appian Selenium API (Application Programing Interface)
Cucumber for Appian
FitNesse for Appian
Appian contacted plugin authors for Appian Community supported plugins, encouraging them to review their plugins for this vulnerability and publish updates if they are affected. As all AppMarket plugins are open-source, Appian customers also have the ability to inspect and update independently (and can publish their updates back to the AppMarket)
Appian customers’ support contacts have been notified of the availability of these hotfixes.
This article applies to all supported versions of Appian.
Last Reviewed: April 14, 2022
© 2022 Appian. All rights reserved.