A vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on GitHub on 9 December 2021 and registered as CVE-2021-44228 with the highest severity rating. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services. By utilizing this vulnerability, a remote attacker could take control of the affected system. More details of this and additional vulnerabilities (CVE-21210-4104, CVE-2021-45046, CVE-2020-45105) for Log4j can be found here: https://logging.apache.org/log4j/2.x/security.html
We are aware of these vulnerabilities and have completed verification that we do not utilize the log4j library in SOLO Server or in our licensing clients, and therefore SoftwareKey and SOLO Server accounts are not impacted by these vulnerabilities.