Investigation of Log4j Vulnerability with BaseSpace Sequence Hub (BSSH) Cloud
On December 10, 2021, Illumina was made aware of a vulnerability in the Apache Log4j software suite (CVE-2021-44228, CVE-2021-45046, and CVE-2021-44832). This software component is a Java-based logging utility and part of the Apache Logging Services Foundation products. After we became aware of the issue, we launched an investigation to identify potentially affected products and assess risk. The BSSH suite was affected and has since been patched.
Note: This includes all modules within the BSSH suite, including Cohort Analyzer/Cohort Engine/Variant Interpreter.
Illumina takes data privacy and security issues very seriously, and we hope this information helps alleviate any concerns about this vulnerability. If you have any questions, contact Illumina Technical Support.
For any feedback or questions regarding this article (Illumina Knowledge Article #6337), contact Illumina Technical Support [email protected].