How Phlexglobal has responded to Log4j vulnerability

Posted by Tom Underhill | Dec 17, 2021 7:11:59 PM

At Phlexglobal, as we are made aware of new potential security vulnerabilities we rapidly assess the risk and take appropriate action in line with our SOPs regarding vulnerability management.  

On December 9th 2021 a vulnerability in a Java based package log4j was made public and has since had widespread news coverage. This vulnerability allows an attacker to execute code on a remote server. Because of the widespread use of Java and Log4j, this is considered a serious and potentially impactful vulnerability. As such, Phlexglobal has rated this as a High risk and taken immediate action.


Phlexglobal’s core products, PhlexTMF and PhlexRIM are both protected by Cloudflare WAF, which provided an immediate response to the issue to protect customers. More details on this can be found at 

In addition, Phlexglobal has run a full perimeter scan using AppCheck security scanning platform. AppCheck provided targeted templates to scan for this vulnerability, more details can be found at This scan did not find any vulnerabilities across the Phlexglobal network.


We are currently reviewing all our critical suppliers and assessing their responses to this situation and ensuring that these meet the standards that we demand. We are cross referencing against a public list of open vulnerabilities that we are following which can be found at  We also continue to rely on our internal tooling, including Darktrace and Azure Sentinel, to identify any suspicious network behaviour. 


Topics: TMF, RIM / IDMP

Entering the Post-Paper Realism: The Principles of Cyber Ethics

The Shoulds and Shouldn’ts of Electronic Systems and Data in Clinical Trials Intro

Read More

Overcoming TMF misfiles and metadata errors to reduce inspection risk

Trial master file misfiles are a common occurrence, with as many as one in every 10 documents being misfiled.  

Read More

TMF Management in Clinical Trials Blog 2: The Path to Metric Nirvana

Good morning, good afternoon, good evening (I like to cover every possibility because who knows when you are reading ...

Read More

TMF Management in Clinical Trials Blog 1: The Simple Process

And we are back with another season of blogs guys, I know you missed my ramblings after the Clinical Trials and TMF 101 ...

Read More

Clinical Trials & the TMF 101 - Blog 4: The TMF Trinity

Introduction We have been on a journey you and me, we started off by understanding the purpose of a clinical trial and ...

Read More

Subscribe To Our Blog!

Digital Brain Header Large Brain Right

It's time to raise your standard 

Contact Us