Merative ™ Social Program Management and Apache Log4j update



Flashes (Alerts)





Merative Social Program Management uses the Apache Log4j libraries, for which a publicly known vulnerability exists.





For more information about the publicly known vulnerability in relation to Apache Log4j libraries, see the update on the Apache Log4j CVE-2021-44228 vulnerability.


All Merative Social Program Management versions before V8 are not impacted by the CVE-2021-44228 vulnerability, which is specific to Apache Log4j 2.x. Apache Log4j 2.x is used in Social Program Management V8, for which an interim fix will be issued soon.


We encourage all clients to continue with their plans to move to Merative Social Program Management V8 as soon as possible.


Document Information


More support for:
Merative Social Program Management



Software version:
8.0.0, 8.0.1



Operating system(s):
Linux, Windows



Modified date:
15 December 2021