Epiphany is currently monitoring the recently published announcement of vulnerabilities affecting Log4j Java-based logging library. The Log4j library is developed by the Apache Foundation and is widely used by both enterprise applications and cloud services for logging purposes. The vulnerabilities have been classified as critical.
For a more detailed description of these vulnerabilities, it is recommended customers view the information provided by Apache.
RESPONSE
Please note that the Apache Log4j vulnerabilities are not Epiphany-specific vulnerabilities. As part of the company’s product security policy and protocols, Epiphany’s team continues to evaluate Epiphany’s Java-based products and solutions for potential impacts from these reported vulnerabilities and evaluating further possible actions as needed.
IMPACTED PRODUCTS
At the time of the publication of this update, all Epiphany products are either not impacted, patched, or mitigations have been applied. Epiphany will continue to monitor all available information and we will provide an update to this bulletin if necessary. For questions regarding cybersecurity of any Epiphany product contact: productsecurity@baxter.com
For information on Baxter or Hillrom products, please see: Responsible Disclosures
