Security_Statement

CVE-2021-4428 – Java log4j: mRay not affected

You may have already heard about the security vulnerability in the Java library log4j (see. BSI). After checking the facts, we can inform you that this vulnerability does not pose a threat to your mRay installation. Java is only used on the server side of mRay and only if an HL7 interface is configured as a plugin. This interface is usually set up in connection with our photo documentation or report generation. The log4j version we use there is not affected by the security vulnerability. According to BSI, all log4j versions >=2.0 and =<2.14.1 are affected. Nevertheless, we will update to the latest log4j version with a future update. We will inform you about this separately. So currently there are no further measures to be taken. If you have any further questions, please do not hesitate to contact us.

See: Message from the Federal Office for Information Security (BSI) 

You can find an overview of our safety statements at: www.mbits.info/security-statements

Newsletter

Would you like to receive regular information about new products, mRay updates and clear tutorial videos on new features? Subscribe to our quarterly newsletter.

This might also be interesting for you

EN

Vielen Dank für Ihre Anmeldung

In Kürze erhalten Sie eine E-Mail, mit der Sie das Abonnement unseres Newsletters bestätigen können.