Apache Software Foundation has announced the discovery of the vulnerabilities named Log4j (Log4j – Apache Log4j Security Vulnerabilities, https://nvd.nist.gov/vuln/detail/CVE-2021-44228 and NVD - CVE-2021-4104 (nist.gov))
Radiometer Medical has evaluated whether these vulnerabilities have an impact on our products:
It is our assessment that these vulnerabilities have no impact on all versions of the above devices. For this reason, we will not issue separate patches to the software used by Radiometer equipment.
This message constitutes an information service and is provided without guarantees and warranties of any kind, expressed or implied. Radiometer excludes any liability for actions or omissions performed based on this information.
Technical Product manager
*Please note that Radiometer have investigated the Mirth versions recommended by Radiometer for use with AQURE, and not found these to be affected by the vulnerabilities reported. We recommend users of AQURE with Mirth installed to investigate that the versions they are using are the ones recommended by Radiometer, and if not take appropriate actions