TEAMS-RDS 12.1.5 and 12.5.5 shipped with versions of Log4J indicted by CVE-2021-44228. CVE is 10/10. Best to upgrade as soon as possible.
TEAMS-RDS 12.1.5 and 12.5.5 mitigate CVE-2021-44228 by dropping Log4J as a dependency. TEAMS-RDS will now delegate all logging to Tomcat which utilizes the JDK’s Logging facilities.
Login to the Customer Portal to download the latest TEAMS-RDS 220.127.116.112 and 18.104.22.1689 releases.
Contact support for help patching TEAMS-RDS if upgrading to the latest release is not feasible.
NOTE: TEAMATE 12.1.5 and 12.5.5 are not affected by CVE-2021-44228. Log4J was dropped as a dependency to improve the startup performance of TEAMATE.