technology and project consulting

Update on M2 Solutions & Log4J Vulnerabilty

Overview of the log4j situation and M2 Solutions

20/12/2021
Tableau

We would like to give you a status and overview of the log4j situation and M2 Solutions.

Affected by the logging software breach are Java applications that - as the name suggests - have implemented the logging component Log4j. This is the Tableau Toolbox, which includes the Form Builder and Mail Tool. The Tableau Toolbox has been shipping the latest version of log4j, i.e. 2.17, since release 1.32.1. With this, we can say that any security risk related to CVE-2021-44228, CVE-2021-45105, and CVE-2021-45046 has been removed.

The other M2 Solutions do not implement log4j or are not java-based, these include in particular:

  • Tableau Portal

  • Data Catalog Tool

  • Housekeeping Tool

We can therefore report that none of our products are affected by log4j.

However, please take the necessary precautions for your Tableau installations, more information can be found here: Apache Log4j2 vulnerability (Log4shell) | Tableau Software.

M2 is always up to date with the latest developments and we try to be aware of all security vulnerabilities and new developments in the technical scene as soon as possible in order to release security patches or hotfixes if needed.

If you have any questions on the subject, we are always happy to help.

Your M2 Team

Phone: +49 (0)30 20 89 87 010

info@m2dot.com  ·  M2@Facebook  ·  M2@Twitter  ·  M2@LinkedIn  ·  M2@Instagram