Log4j 1.x Vulnerability & Resolution – Update


Subscribe to our blog


Dear Valued Customer,

We would like to give you a quick update regarding OpenLM components and the recently discovered log4j vulnerabilities.

All OpenLM components are now updated and moved from using Log4j to using Logback.

The components affected are the OpenLM Broker, OpenLM Application Manager and OpenLM Report Scheduler.

It is strongly advised to upgrade to the recent release of these components.

Please also take under advisement that there are still files within the installation folders of the OpenLM components that could create a false alarm. These files being the lo4j-api-2.14.1.jar and log4j-to-slf4j-2.14.1.jar. These files are not vulnerable to the recent issues.

If you have further questions, please kindly contact us at support@openlm.com

Thank you,


Branislav Potoček

VP Support & Services

Title image: Pixabay

Skip to content