A note from Axure on the Log4j zero day vulnerability

Hello all!

As many of you are aware, it was recently discovered that a widely used Java library called Log4j has been found to have a flaw that poses a severe security risk to applications. Any device that’s exposed to the internet is at risk if it’s running Apache Log4J, versions 2.0 to 2.14.1.

Axure does not utilize the Apache Log4j library in current or previous versions of our software products. No further action is required to address the Log4j Zero-day vulnerability as it pertains to Axure RP or Cloud as we have not been impacted.

Please feel free to email support@axure.com with any questions!