We have received vulnerabilities affecting Elasticsearch servers:
151209 (4) - OpenJDK 7 <= 7u281 / 8 <= 8u272 / 11.0.0 <= 11.0.9 / 13.0.0 <= 13.0.5 / 15.0.0 <= 15.0.1
The solution proposed by the security team is to upgrade OpenJDK to a version greater than 7u281 / 8u272 / 11.0.9 / 13.0.5 / 15.0.1.
Is there any patch to use, or do we need to upgrade the ELK cluster?
The best practice is to use the bundled JDK, which is newer than all these JDKs in all supported versions. See these docs for more information:
In fact, our versions of ELK are: 7kibana_version: '7.15.1'
On another post, it is suggested to upgrade to 7.17.8, but the version you shared is 8.6.
The guidance for 7.15 is no different:
7.15.1 is bundled with JDK 17 so as long as you're following the best practice in the manual you don't need to do anything.
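One way to confirm the bundled-JDK practice described in the reply above is in effect on every node, as an added example that is not part of the original thread: it reads a parsed `GET _nodes/jvm` response and compares each node's Java version with the ranges in the scanner finding. The sample response and node names are constructed; in practice the JSON would come from the cluster's own `_nodes/jvm` endpoint.

```python
import json
import re

# Upper bounds of the affected ranges, copied from the scanner finding quoted in the thread.
AFFECTED_UP_TO = {7: (281,), 8: (272,), 11: (0, 9), 13: (0, 5), 15: (0, 1)}

# Constructed sample shaped like a GET _nodes/jvm response (hypothetical node names).
SAMPLE = json.loads("""
{"nodes": {
  "a1": {"name": "es-node-1", "jvm": {"version": "17", "using_bundled_jdk": true}},
  "b2": {"name": "es-node-2", "jvm": {"version": "11.0.9", "using_bundled_jdk": false}}
}}
""")

def parse_java_version(text):
    """Return (major, rest) from a java.version string such as '1.8.0_272' or '11.0.9'."""
    legacy = re.match(r"1\.(\d+)\.0(?:_(\d+))?", text)
    if legacy:  # JDK 8 and earlier report 1.<major>.0_<update>
        return int(legacy.group(1)), (int(legacy.group(2) or 0),)
    modern = re.match(r"(\d+)((?:\.\d+)*)", text)
    if not modern:
        raise ValueError(f"unrecognised Java version: {text!r}")
    rest = tuple(int(part) for part in modern.group(2).split(".") if part)
    return int(modern.group(1)), rest

def in_flagged_range(text):
    """True when the version is at or below the finding's bound for its release line."""
    major, rest = parse_java_version(text)
    bound = AFFECTED_UP_TO.get(major)
    return bound is not None and rest <= bound

def audit_nodes(nodes_jvm):
    """Return one finding per node: JVM version, bundled-JDK use, and range match."""
    findings = []
    for node in nodes_jvm["nodes"].values():
        jvm = node["jvm"]
        findings.append({
            "node": node["name"],
            "java": jvm["version"],
            "bundled": jvm.get("using_bundled_jdk", False),
            "flagged": in_flagged_range(jvm["version"]),
        })
    return findings

if __name__ == "__main__":
    for finding in audit_nodes(SAMPLE):
        print(finding)
```

A node reporting `bundled: False` is running on a JDK supplied by the host, so its version is the one to compare against the finding.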
But we have security vulnerabilities which require upgrading the ELK version, but we don't know which version we have to migrate to in order to fix those vulnerabilities, 7.17 or 8.6.
You seem to have opened two threads on very similar topics, which is very confusing. Next time, just use one thread.
This thread is asking about JDK versions that are much older than anything bundled with Elasticsearch, so you don't need to worry about this aspect. Your other thread is asking something different. The official answer about the Log4J vulnerabilities announced at the end of 2021 is here.
Yes, I opened two tickets because I think the solution may be different, since some vulnerabilities affect Elasticsearch and Logstash, but the others affect the whole cluster, including the Kibana servers.