It may have come to your attention that a security vulnerability in Log4J was identified late last week. Log4J is a third party logging library published by the Apache Software Foundation and used in a wide variety of applications. The Apache Software Foundation has released a new version of Log4J that patches the vulnerability. For full details on the vulnerability, please see https://logging.apache.org/log4j/2.x/security.html.
CPI has investigated the issue and identified all applications potentially impacted by the vulnerability. At this time, all impacted applications have been patched with the updated version of log4J or have been configured to disable the compromised function. There are no risks to any of your production systems as a result of this vulnerability.