Is Auditbase affected by the Log4J 2 vulnerability CVE?
Auditbase is not affected by the Log4J 2 vulnerability CVE-2021-44228.
Auditbase is not affected by the highly publicised Log4J 2 vulnerability CVE-2021-44228 described here https://www.ncsc.gov.uk/news/apache-log4j-vulnerability. Log4J 2 is an Apache logging service requiring Java. Auditbase itself does not use Java components.
Auditdata distribute Lyniate Rhapsody for HL7 integrations and Crystal Reports XI Developer Edition for Crystal Report editing. These products contain an older version of Log4j 1.2 which is not subject to the vulnerability. Log4j 1.2 whilst dated, is a proven and successful design. Core components and features used by Rhapsody and Crystal Reports XI Developer Edition have no high-rated vulnerabilities.
There is a related vulnerability in Log4J 1.2 (currently labelled CVE-2021-4104) used in Rhapsody which is present in its JMSAppender. Rhapsody is not impacted by this as the JMSAppender is not used by Rhapsody, nor is it possible for users to enable it as Rhapsody does not include the necessary libraries. From a security standpoint, there is only one other Critical/High-rated vulnerability against log4J 1.2; this is CVE-2019-17571 affecting the SocketServer class, which Rhapsody does not use and is hence not impacted by. Crystal Reports XI Developer Edition also does not include JMSAppender or SocketServer components or functionality so is not subject to any known vulnerabilities
Related Articles
Auditbase 6.6.0 Release Note
We are committed to providing great care to our customers and therefore the changes implemented in the latest version of Auditbase (6.6.0) are based on your valued feedback. We made two changes based on high-priority areas, these are: 1. Complete ...What's new in Auditbase
Auditbase 6.6.0 Auditbase 6.5.0 Auditbase 6.4.0 Auditbase 6.3.0 Auditbase 6.2.0 Auditbase 6.1.0 Auditbase 6.0.3 Auditbase 6.0.2 Auditbase 6.0.1 Auditbase 6.0.0 Auditbase 5.4.6 Auditbase 5.4.5 Auditbase 5.4.4 Auditbase 5.4.3 Auditbase 5.4.2 Auditbase ...What are the Auditbase Keyboard Shortcuts?
Short cut Function F1 Help F2 Log Off F3 Client Search F9 Make Timetable [Booking] F10 Quick Battery Issue Ctrl+F3 Client Quick Search Ctrl+F9 Schedule Timetable [Booking] Shift+Ctrl+A Audiogram Shift+Ctrl+B Booking Shift+Ctrl+C Client Information ...How do I change the number of resources shown in the Booking Module?
Auditbase will default to 5 visible resources in the Booking Module until a change is made in the Administration settings. To change this setting Auditbase Administration should be opened and then User and Workstation options -> Workstation settings ...How do I download and install Crystal Reports in Auditbase?
+44 (0) 333 444 4212 www.auditdata.com support@auditdata.com Generic guide for downloading and installing Crystal Reports in Auditbase. Installing and saving the new reports to Auditbase To install your new Crystal reports the first task is to make a ...