CVE-2021-4428 – Java log4j: mRay not affected

You may have already heard about the security vulnerability in the Java library log4j (see. BSI). After checking the facts, we can inform you that this vulnerability does not pose a threat to your mRay installation. Java is only used on the server side of mRay and only if an HL7 interface is configured as a plugin. This interface is usually set up in connection with our photo documentation or report generation. The log4j version we use there is not affected by the security vulnerability. According to BSI, all log4j versions >=2.0 and =<2.14.1 are affected. Nevertheless, we will update to the latest log4j version with a future update. We will inform you about this separately. So currently there are no further measures to be taken. If you have any further questions, please do not hesitate to contact us.

See: Message from the Federal Office for Information Security (BSI) 

You can find an overview of our safety statements at: www.mbits.info/security-statements

BOLETÍN DE NOTICIAS

¿Le gustaría recibir información periódica sobre productos nuevos, actualizaciones de mRay y vídeos tutoriales de sus nuevas funciones? Suscríbase a nuestro boletín trimestral.

ES

Vielen Dank für Ihre Anmeldung

In Kürze erhalten Sie eine E-Mail, mit der Sie das Abonnement unseres Newsletters bestätigen können.