DerKamil 1 Posted December 13, 2021 Share Posted December 13, 2021 Hello, an question: How is it with ESET Secure Authentication and Log4J Problem - i see, that elasticsearch, which is an part of ESA Server uses the log4j-slf4j-impl-2.1.1, log4j-core-2.11.1, log4j-api-2.11.1 from 11/2019 Is ESET Secure Authentication affected of it? Many Thanks for replying. Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,084 Posted December 14, 2021 ESET Moderators Share Posted December 14, 2021 Hello @DerKamil, I recommend to check https://support.eset.com/en/kb8190-vulnerability-log4j2-in-the-reporting-engine-elasticsearch-of-eset-secure-authentication The KB article covers Vulnerability log4j2 in the Reporting Engine (Elasticsearch) of ESET Secure Authentication Peter IggyPop 1 Link to comment Share on other sites More sharing options...
ESET Staff IggyPop 19 Posted December 14, 2021 ESET Staff Share Posted December 14, 2021 (edited) On 12/13/2021 at 11:38 AM, DerKamil said: e, that elasticsearch, which is an part of ESA Server uses the log4j-slf4j-impl-2.1.1, log4j-core-2.11.1, log4j-api-2.11.1 from 11/2019 Is ESET Secure Authentication affected of it? Hey Kamil, As Peter has mentioned please visit the page where it is all covered with a recommendation from the Development Team. However, meanwhile we are preparing a hotfix for this vulnerability and it should be available this week. Thanks, Iggy Edited December 14, 2021 by IggyPop Peter Randziak 1 Link to comment Share on other sites More sharing options...
DerKamil 1 Posted December 14, 2021 Author Share Posted December 14, 2021 Hello, many thanks for your reply. Yesterday the point with Elasticsearch was not in this List. But today is it. I will do the workaround for my site now. Peter Randziak 1 Link to comment Share on other sites More sharing options...
Recommended Posts