For version 19.17 and higher, we are not attackable with the main exploit via LDAP because we ship the latest Java bug fixes with this version. In addition, only the XMPP server is affected and not e.g. the web server. So a handcrafted attack would have to be done directly with our protocols.
This means that the attacks currently circulating on the Internet all fail currently.
Recommended action for on-site systems: We currently see no urgent need to take the systems offline. A corresponding bugfix release will be available during the afternoon.
Recommended action for cloud users: No user action is required here. Our systems have been monitored since the weekend. The security vulnerabilities will be completely closed with an update tonight.
We will inform all on-site customers as soon as the bug fix is available.
please use for support requests our mypascom Portal and open a new support Ticket. In our system you are registered as Portal admin with your email address. if you have forgotten your mypascom Portal password, simply restore it.