16 Dec 2021
A global vulnerability has been identified with Log4j, a java-based logging utility that is used by many systems and products worldwide, including a number of Telstra Health’s digital solutions.
We responded immediately when we became aware of this issue to identify and remediate any potential impact to our solutions and the customers we support.
We have ascertained that Telstra Health UK products and services are not impacted by the Log4j vulnerability.
What is CVE-2021-44228 also calledLog4Shell/Log4j?
A global vulnerability has been identified with Log4j, a java-based logging utility that is not used by Telstra Health UK’s digital solutions.
We responded immediately when we became aware of this issue to identify and remediate any potential impact to our solutions and the customers we support.
What systems are affected?
Systems and services impacted include those that use the Java logging library, Apache log4j between versions 2.0-beta9 and 2.14.1.
How to update or mitigate against the vulnerability?
The Apache Foundation has issued log4j version 2.15.0, which is not vulnerable to Log4Shell by default.
Has Telstra Health UK been impacted by CVE-2021-44228 Log4Shell/Log4j?
Like most companies around the world, Telstra Health has been reviewing its systems since we were made aware of the vulnerability and we will continue to do so. We are also working with our suppliers and partners to ensure co-ordination and management of any mitigation, should it be required on their services.
Please do not hesitate to be in contact with our support team or your Telstra Health UK consultant if you require further information.
Get the latest insights and updates from Telstra Health UK.
View now