![]() Official patches to upgrade the Log4j packages and mitigate the vulnerability in all usage scenarios are planned to be available no later than Monday, December 13, 2021.Ĭore Splunk Cloud is not impacted by CVE-2021-44228. Customers may follow the guidance in the "Removing Log4j from Splunk Enterprise" section below to remove these packages out of an abundance of caution. Windows versions of Splunk Enterprise do not include Log4j. If these features are not used, there is no active attack vector related to CVE-2021-44228.Īll recent non-Windows versions of Splunk Enterprise include Log4j for these features. However, if Data Fabric Search (DFS) and Splunk Analytics for Hadoop (Hunk) product features are used, there is an impact because these product features leverage Log4j. Summary of Impact for Splunk Enterprise and Splunk CloudĬore Splunk Enterprise functionality does not use Log4j and is therefore not impacted. Current customers can file support tickets through standard channels for specific guidance. Please return to this posting for the most up to date information. These products are tracked separately across On Prem and Cloud products. The below tables contain our most up-to-date guidance on our products. Splunk is currently reviewing our supported products for impact and evaluating options for remediation and/or or mitigation. Log4j 2 is a commonly used open source third party Java logging library used in software applications and services. ![]() If exploited, this vulnerability allows adversaries to potentially take full control of the impacted system. The vulnerability is also known as Log4Shell or LogJam by security researchers. This vulnerability is designated by Mitre as CVE-2021-44228 with the highest severity rating of 10.0. A critical remote code execution vulnerability impacting at least Apache Log4j 2 (versions 2.0 to 2.14.1) was recently announced by Apache.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |