Skip to main content
Kofax

Kofax products and Apache Log4j2 vulnerability information

Article # 3037081 - Page views: 20890

Products not listed on this page have been evaluated and are not vulnerable.

Kofax is aware of the recently disclosed Apache Log4j2 vulnerabilities (CVE-2021-44228, CVE2021-45046, CVE2021-45105). The following Kofax products are using the potentially vulnerable Log4j2 version Kofax is in the process of evaluating the usage of log4j2 in the above products and will create patches wherever it is needed, as a priority.

Affected Kofax Products Remediation Status Kofax Community Product Discussion URL
Bookmark your product's post for any future updates
Robotic Process Automation (RPA) 10.7-11.2 Patches are available. See  Kofax RPA CVE-2021-44228 log4j Security Exploit Information article.

Robotic Process Automation Release Announcements

Kofax Communication Manager (KCM) 5.3-5.5 Patches are available. See log4j vulnerability in Kofax Communications Manager article. Communications Manager Release Announcements
Device Web Service (DWS) 10.2
The DWS is used with AutoStore, Equitrac and Output Manager when deploying embedded clients, including the Kofax Unified Client.
See ControlSuite and the Log4j vulnerability CVE-2021-44228 for more information. ControlSuite Release Announcements
Device Web Service (DWS) 5.11 See ControlSuite and the Log4j vulnerability CVE-2021-44228 for more information. ControlSuite Release Announcements
eCopy ShareScan 6.x Until the ShareScan patches are ready, follow the steps in the ShareScan and Log4j vulnerability (CVE-2021-44228) - Kofax article. MFD and Productivity Release Announcements
Invoice Portal Potential vulnerability remediated ReadSoft Release Announcements
Supplier Portal Potential vulnerability remediated ReadSoft Release Announcements
AP Essentials (formerly ReadSoft Online) AP - Essentials (formerly ReadSoft Online) does not have native dependencies to Log4j. One third party component has been identified to utilize Log4j. Kofax has patched and updated according to suppliers recommendations. ReadSoft Release Announcements
Exder Potential vulnerability remediated ReadSoft Release Announcements
Device Registration Service (DRS) 7.13.0.3 See ControlSuite and the Log4j vulnerability CVE-2021-44228 for more information. ControlSuite Release Announcements

Monitor the indicated Community post for any future updates.

Kofax Technical Support

 

 

Article # 3037081
  • Was this article helpful?