Does log4shell affect Wolfram products?
Most Wolfram products and systems are either not affected by the log4shell (CVE-2021-44228) zero-day vulnerability in the Java library log4j in versions 2.x with x<=14 or it has been fully addressed in them.
Only Wolfram Enterprise Private Cloud (EPC) and Wolfram Application Server (WAS) were affected by log4shell. This vulnerability has been fully addressed in EPC Version 1.60.2 and WAS Version 1.1.2.
All product fixes also address log4j vulnerability CVE-2021-45046.
For further details on individual Wolfram products or systems, please consult the following sections.
Wolfram-hosted systems and products
All Wolfram-hosted systems and products such as Wolfram|Alpha or Wolfram Cloud were either not affected or these log4j vulnerabilities have been fully addressed in them.
Customer-hosted non-Wolfram Language products
No non-Wolfram Language Wolfram products, such as System Modeler or Wolfram’s license manager MathLM, have been affected by either log4j vulnerability.
All customer-hosted Wolfram Language products
(except Enterprise Private Cloud and Application Server)
In all 13.0.1 versions of Wolfram Language products, log4j libraries have either been removed or updated to their fixed version. Current Wolfram products such as Mathematica, Wolfram|Alpha Notebook Edition, Wolfram Desktop, Wolfram Engine, Wolfram Finance Platform, Wolfram Player, gridMathematica Server or webMathematica are therefore not affected by either log4j vulnerability.
Customer-hosted Enterprise Private Cloud and Application Server
Enterprise Private Cloud and Application Server were affected by log4shell. A workaround to mitigate the issue has been communicated to all affected customers. It has been fully addressed in EPC Version 1.60.2 and WAS Version 1.1.2.
Whether you have a question about billing, activation or something more technical, we are ready to help you.
1-800-WOLFRAM (+1-217-398-0700 for international callers)
8am–5pm US Central Time
- Product registration or activation
- Pre-sales information and ordering
- Help with installation and first launch
Advanced Technical Support (for eligible customers)
8am–5pm US Central Time
8:30–10am & 11am–5pm US Central Time
- Priority technical support
- Product assistance from Wolfram experts
- Help with Wolfram Language programming
- Advanced installation support