Information on Log4J vulnerability and Mirth
Mirth CVE-2021-44228 - Log4j Q&A
Overview
The following contains questions regarding the Apache Log4J vulnerability - CVE-2021-44228 as it relates to Mirth. Please contact Spok Support for any additional questions your organization may have.
Q: What version of Log4j is Mirth using?
A: Mirth is currently using Log4j 1.2.16
Q: Is that Log4j version impacted by CVE-2021-44228?
A: No, CVE-2021-44228 only impacts Log4j version 2.
Q: Will Spok update Mirth to the latest secure version of Log4j?
A: Mirth is an open-source third-party product. Spok is monitoring the open-source community development and exploring methods to contribute to resolution. Once a newer version is available, Spok will test that version in order to determine an upgrade path for impacted customers.
Related Defects:
N/A