DerKamil 1 Posted December 13, 2021 Posted December 13, 2021 Hello, an question: How is it with ESET Secure Authentication and Log4J Problem - i see, that elasticsearch, which is an part of ESA Server uses the log4j-slf4j-impl-2.1.1, log4j-core-2.11.1, log4j-api-2.11.1 from 11/2019 Is ESET Secure Authentication affected of it? Many Thanks for replying.
ESET Moderators Peter Randziak 1,183 Posted December 14, 2021 ESET Moderators Posted December 14, 2021 Hello @DerKamil, I recommend to check https://support.eset.com/en/kb8190-vulnerability-log4j2-in-the-reporting-engine-elasticsearch-of-eset-secure-authentication The KB article covers Vulnerability log4j2 in the Reporting Engine (Elasticsearch) of ESET Secure Authentication Peter IggyPop 1
ESET Staff IggyPop 22 Posted December 14, 2021 ESET Staff Posted December 14, 2021 (edited) On 12/13/2021 at 11:38 AM, DerKamil said: e, that elasticsearch, which is an part of ESA Server uses the log4j-slf4j-impl-2.1.1, log4j-core-2.11.1, log4j-api-2.11.1 from 11/2019 Is ESET Secure Authentication affected of it? Hey Kamil, As Peter has mentioned please visit the page where it is all covered with a recommendation from the Development Team. However, meanwhile we are preparing a hotfix for this vulnerability and it should be available this week. Thanks, Iggy Edited December 14, 2021 by IggyPop Peter Randziak 1
DerKamil 1 Posted December 14, 2021 Author Posted December 14, 2021 Hello, many thanks for your reply. Yesterday the point with Elasticsearch was not in this List. But today is it. I will do the workaround for my site now. Peter Randziak 1
Recommended Posts