Question:
Is DocuWare impacted by CVE-2025-68161?
CVE-2025-68161 pertains to Apache Log4j Core versions 2.0-beta9 through 2.25.2.
Answer:
Per the manufacturer's design, the Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate. It may therefore allow a man-in-the-middle attacker to intercept or redirect log traffic if the attacker has already obtained access to the network in which the Fulltext service operates.
DocuWare versions 7.7 and higher use Log4j 2.17.2. Best practice is to protect the Fulltext service with a firewall, allowing only DocuWare and its services to access the Fulltext service. Please work with your network administrator.
For more information on which ports DocuWare and Fulltext use, please see: KBA-34951
KBA is applicable to on-premise systems ONLY!
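An added example, not from DocuWare or the Log4j project: a Python check that tests a log4j-core version string against the affected range quoted above and lists the Socket appenders in a Log4j 2 XML configuration, noting which ones use TLS. The function names, sample configuration, hosts and ports are constructed for illustration, and the script assumes an XML-format configuration.

```python
import re
import xml.etree.ElementTree as ET

STAGES = {"alpha": 0, "beta": 1, "rc": 2}  # pre-release order; a final release ranks 3

def version_key(version):
    """Turn '2.17.2' or '2.0-beta9' into a tuple that sorts in release order."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:-(alpha|beta|rc)(\d+))?", version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised Log4j version: {version!r}")
    nums = [int(p) for p in m.group(1).split(".")] + [0, 0]
    stage = STAGES[m.group(2)] if m.group(2) else 3
    return (*nums[:3], stage, int(m.group(3) or 0))

def in_affected_range(version):
    """True if version lies in 2.0-beta9 .. 2.25.2, the range the article states."""
    return version_key("2.0-beta9") <= version_key(version) <= version_key("2.25.2")

def socket_appenders(config_xml):
    """List (name, host, port, protocol, uses_tls) for each Socket appender."""
    found = []
    for el in ET.fromstring(config_xml).iter():
        # Log4j matches element and attribute names case-insensitively.
        if el.tag.rsplit("}", 1)[-1].lower() != "socket":
            continue
        attrs = {k.lower(): v for k, v in el.attrib.items()}
        proto = attrs.get("protocol", "TCP").upper()
        has_ssl = any(c.tag.rsplit("}", 1)[-1].lower() == "ssl" for c in el)
        # Conservative: count the appender as TLS if either marker is present.
        found.append((attrs.get("name"), attrs.get("host"), attrs.get("port"),
                      proto, proto == "SSL" or has_ssl))
    return found

# Constructed sample configuration (hosts and ports are placeholders).
SAMPLE_CONFIG = """<Configuration>
  <Appenders>
    <Console name="stdout"><PatternLayout pattern="%m%n"/></Console>
    <Socket name="remote" host="logs.example.internal" port="6514" protocol="SSL">
      <Ssl><TrustStore location="trust.jks"/></Ssl>
    </Socket>
    <Socket name="plain" host="10.0.0.5" port="4560"/>
  </Appenders>
</Configuration>"""

if __name__ == "__main__":
    print("2.17.2 in affected range:", in_affected_range("2.17.2"))
    for name, host, port, proto, tls in socket_appenders(SAMPLE_CONFIG):
        note = "TLS in use, hostname not verified in affected versions" if tls else "no TLS"
        print(f"Socket appender {name!r} -> {host}:{port} [{proto}] {note}")
```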
This article is valid for DocuWare versions: 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13
