Hello,
Our company’s Cyber Security department has made us aware of a critical vulnerability, catalogued as CVE-2021-44228.
In brief, this vulnerability allows a hacker to execute arbitrary code via applications that are based on Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI.
Please refer to this link for details on this threat: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
We currently use the following software from your company: COPASI
Could you please answer the following questions related to this software and the CVE-2021-44228 vulnerability?
i. Is the version of Apache Log4j2 2.0-beta9 through 2.12.1 or 2.13.0 through 2.15.0 JNDI?
We appreciate your response back on this as quickly as possible.