Update pa SaaS environment: Successful implementation of measures to bypass Log4j vulnerability

Update Status 12/23/2021; 12 o'clock:
The proimporter is now available again for our SaaS customers in release 21.10.2.

Status 12/18/2021:
The measures communicated by the manufacturers to avert the Log4j security vulnerability were successfully implemented on the pa SaaS environment. The recommended patches for the P6 EPPM components of version R19.12 incl. associated applications were applied.

In addition, the complete system environment was checked and the underlying hardware and applications were provided with the security patches provided by the manufacturers.

Note: The following applications are temporarily deactivated due to security measures:

• Interface connections via API and web services
• external tools (e.g. proimporter) with connecting to P6 via API and web services.

Please do not hesitate to contact us if you have any questions. We will keep you up to date in our News & Blog.

Note: For an overview of possible affected vendors, click here:

• log4shell/README.md at main · NCSC-NL/log4shell · GitHub
• https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592