We understand your concern regarding a vulnerability of the Apache Log4j 2 and Log4j 1, an open-source Apache logging library. This vulnerability was first identified in December of 2021.

We are happy to assure you that none of our DSI software products is affected by this vulnerability. None of them are leveraging either the Apache Log4j 2 or Log4j 1 library.

This applies to the following software products:

• FinePointe
• NeuroScore
• Ponemah

For more information on the Apache Log4j 2 and Log4j 1 vulnerability issue, please see the link below.

https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2f%3Aapache&cpe_product=cpe%3A%2f%3Aapache%3Alog4net&cpe_version=cpe%3A%2f%3Aapache%3Alog4net%3A1.2.13.0