You can find our official statement regarding the log4j vulnerability "CVE-2021-44228" here: https://go.docuware.com/log4jen
For on-premises systems, one of the possible recommendations is to set an environment variable on the DocuWare server. Below you will find a step-by-step guide about this in more detail.
Question:
How do I set the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS=true ?
Answer:
Please refer to the following guide to set the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS=true;
Please refer to the following guide to set the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS=true;
1. Right-click on the start icon in Windows and select "System."
2. Click on "System Info" at the bottom of the page.
3. Within the new window that populates, select "Advanced system settings," on the left-hand side of the page.
4. From the Advanced tab, click on "Environment Variables"
5. Click "New" in the System variables section towards the bottom of the page.
6. Set the name of the variable to "LOG4J_FORMAT_MSG_NO_LOOKUPS" and its value to "true"
7. Once completed, select OK
KBA is applicable to On-premise Organizations ONLY.
