erwin Data Modeler service Update – 15/12/2021

erwin DM Update

As you may be aware, a zero-day vulnerability with Apache Log4j, cve-2021-44228, was recently identified, affecting applications which use Log4j, including erwin Data Modeler and related applications. erwin DM update is now available.

Key information relevant to your erwin Data Modeler product(s) can be found below:

erwin Web Portal

Status – New build for 2020 R1 released.

Workaround – Install new build.

Detailed guidance – https://support.quest.com/erwin-data-modeler/kb/336020/java-log4j-vulnerability-alert-mitigation-for-erwin-web-portal

erwin Data Modeler – May affect Metaintegration Bridges if present.

Status – Under investigation by MITI

Workaround – Remove potentially at-risk files if present.

Details guidance – https://support.quest.com/erwin-data-modeler/kb/336021/log4j-vulnerability-alert-mitigation-for-erwin-data-modeler

erwin Mart Server – erwin Data Modeler update

Status – New builds under development for currently supported versions.

Workaround – remove Log4J2.XML from install folder\erwin\Mart Server r9\MartUpgrade\lib if present.

Detailed guidance – https://support.quest.com/erwin-data-modeler/kb/336019/java-log4j-vulnerability-alert-mitigation-for-erwin-mart

To view additional information and Quest’s official statement, please follow this link: https://support.quest.com/essentials/log4j-vulnerability-update

To get an erwin Data Modeler free trial, click here