We are posting this communication to provide an update on the security vulnerability that has been discovered in version 2.8.2 of the Apache Log4j as documented in the United States National Vulnerability Database: https://nvd.nist.gov/vuln/detail/CVE-2021-44228.
This post is related to Agilent Atomic Spectroscopy Software products only.
The Apache Log4j vulnerability does NOT affect the following products:
- ICP-MS MassHunter 4.x or 5.x
- ICP Go 1.x
- ICP Expert 7.x
- ICP Expert II
- MP Expert 1.x
- SpectrAA 5.x
- Software Database Administrator (SDA) and Software Configuration Manager (SCM) for 21CFR Part 11 compliance.
Thank you for selecting Agilent products for your laboratory. For questions, contact your local Agilent support representative or Customer Contact Center (go to https://www.agilent.com/en/contact-us/page).
20Dec2021 17:06 PST: Initial version