Log4j vulnerability
Urgent action required on your Avantra server and Agents

Key actions required

You must immediately upgrade the Avantra server and agents. The latest patches contain the latest log4j version 2.17 which fixes all the security vulnerabilities below:

  • Avantra server (master and UI)
  • Avantra agents
    • 21.11.3 and above (requires server version 21.11.2+ and SAP transports 20.11.7+) - download link
    • 20.11.12 and above (requires server version 20.11.11+ and SAP transports 20.11.7+) - download link
    • 20.11.703 (requires server version 20.11.7+ and SAP transports 20.11.2 - 20.11.7) - download link
    • 20.5.9 (requires server version 20.5.6+) - to be released on Tuesday, December 21 2021

We have released patches for all updates the log4j team has issued. Here are the latest security related solution documents that customers need to read:

We advise customers to upgrade to the latest available version of Avantra to ensure the protection against CVE exploits from previous versions of the Log4j component.

If you need to speak with Customer Support, please log a ticket in the Support Hub.

Avantra takes the security of our software and our customers very seriously - it is our top priority. We encourage you to get proactive updates as we post them by subscribing to the security section of our forum.

Avantra CEO, John Appleby, has also released a blog post on the matter.

Action required
Upgrade Avantra server and agent now ยป