Statement for error in modul Log4J in LabImage

By in , ,

According to the assessment of the German Bundesamts für Informationssicherheit (BSI), the Java library Log4J contains critical errors that can lead to a serious threat in the area of IT security. This mainly affects server systems in which the module is used as part of the architecture. According to the BSI, only online systems can be affected. In the versions 2.0-beta9 up to and including 2.14.1 it is possible to execute remote code. Kapelan also uses the Log4J module for handling actions in 21 CFR Part 11 mode. Since the LabImage systems cannot be accessed online or via the web interface or an earlier version (less than 2.0) is used, LabImage is not affected by the error. A user must also be authenticated against the database in order to send log entries. An active reaction is therefore not required.