Information on Log4J vulnerability and Smart Speech
Smart Speech CVE-2021-44228 - Log4j Q&A
Overview
The following contains questions regarding the Apache Log4J vulnerability - CVE-2021-44228 as it relates to Smart Speech. Please contact Spok Support for any additional questions your organization may have.
Q: What version of Log4j is Smart Speech using?
A: Smart Speech is using an embedded version of Nuance that is using Log4j 1.x
Q: Is that version impacted by CVE-2021-44228?
A: No, CVE-2021-44228 only impacts Log4j version 2.
Q: What is Spok’s plan to move to the latest patched version of Log4j?
A: The path for resolution is to migrate to Care Connect Speech 3.3 or later.
Q: What do I need to do to upgrade?
A: The migration to Care Connect Speech would be considered a major upgrade and would need to be coordinated through your Spok Sales representative.
For additional information regarding Spok’s Response to CVE-2021-44228 – Log4j vulnerability, please visit the following: https://knowledge.spok.com/General_S...CVE-2021-44228
Related Defects:
N/A