Cytiva Security Advisory for Apache CVE-2021-44228
Security Advisory | Critical | Created: December 17, 2021 | Modified: April 7, 2022
Products covered by this advisory
Cytiva products containing software
Description of problem
Cytiva is closely monitoring the recent vulnerability disclosure by Apache Software Foundation on November 26, 2021 - CVE-2021-44228 and https://logging.apache.org/log4j/2.x/security.html
Cytiva has mobilized its Product Privacy and Security Team and development organizations to investigate the issue and immediately mitigate potential risks. Cytiva has conducted assessments of our Cytiva products containing software.
The below list contains Cytiva products affected by the vulnerability or are still under investigation.
| Cytiva product name | Affected | Mitigation / Patch status |
| Biacore 8K | Affected | See mitigation instructions |
| Biacore Insight | Affected | See mitigation instructions |
| OptiRun Connect | Affected | Mitigated / Patched |
| PDCentral | Affected | Mitigated / Patched |
| XDR50-2000 | Affected | See mitigation instructions |
What Cytiva customers should do
Customers are recommended to monitor this web page for the latest updates to the above product list. Cytiva will continue to monitor for and respond to new information related to this vulnerability.
What Cytiva is doing
Cytiva is notifying customers and channel partners about this potential security issue. Cytiva will periodically update this page as new information becomes available.
Obtaining support on this issue
If you require technical assistance with this issue, please contact Cytiva Support.
Disclaimer
This document is provided and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. Cytiva reserves the right to change or update this document at any time.