CVE-2021-44228
Menu

CVE-2021-44228

Apache Log4j (CVE-2021-44228) – Apache Software Library Vulnerability

KMHA is aware of the vulnerability CVE-2021-44228 that affects Apache Log4j* software library. If exploited, this vulnerability allows remote code execution on vulnerable systems. Information on the CVE-2021-44228 can be found here: https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228

KMHA is actively assessing products that may utilize Apache Log4j to determine possible impact. Additional information will be available upon completion of analysis and testing. Our preliminary investigation has identified that most products are not impacted. We ask customers to please follow up with any 3rd party software, vendors or integrators in their environment, to determine if those products are affected or not.

Note: This is a global issue, and we ask that each customer also evaluate their exposure with all 3rd party software products in their environment, Customers should follow the appropriate guidance measures and technical bulletins published.

Please Contact the Call Center 1 (800) 945-0456 to inquire about this vulnerability and any impact to your Konica Minolta System.

* This vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. NIST National Vulnerability Database ****

Download the Technical Brief

 

©2014 Konica Minolta Healthcare Americas, Inc.