The remote code execution vulnerability Log4j (CVE-2021-44228).
Erply currently has two services where Log4j is used:
- cloud.erply.com service
- EPSI (used with Berlin POS)
Our operations team has confirmed that cloud.erply.com is not vulnerable.
Integrations team has confirmed that EPSI uses an earlier version of Log4j, so EPSI is not vulnerable either.