Log4j notice!

14 December, 2021

This announcement contains important information about your VidiView Server installation. The intended audience for this letter is technical personal in charge of system management and maintenance.

At this time, you may be aware of the found vulnerability in the commonly used Java library log4j. The vulnerability is also commonly referred to as CVE-2021-44228. Please read more about this at https://nvd.nist.gov/vuln/detail/CVE-2021-44228

From a development perspective the log4j library exists in a .net-encapsulated form (embedded into a .dll). The functionality within the VidiView Server using this library is related to Dicom export and import and we have used our best efforts to try and investigate the inner workings of this library in relation to our application. We have not been able to expose any kind of vulnerability in our use case. Hence – no need to any action on the account of VidiView.

No other part of the VidiView products contain the log4j library.

Downlod the full brief


  View archive

Reach us

We love when people get in touch! We love to talk about what we do and we are happy to share our insight in medical image management with anyone willing to listen smile

Distributed Medical AB
Ideon Science Park
Scheelevägen 19A
223 70 Lund
Sweden

+46 755 55 1200

info@distributedmedical.com

VidiView Enterprise Imaging is a CE-approved medical device product developed in Sweden in accordance with the European Medical Device Directive, EU MDD 93/42/EEG, later transformed into 2007/47EG and MDR 2017/745. VidiView is a registered trademark.

© Distributed Medical 2019-2024

Legal disclaimer | Privacy policy | Cookie policy