Hi everyone, Your advice would be very much appreciated! Is Elasticsearch version 6.8.22 or Elastic 7.16.2 considered vulnerable? Do we need to perform any manual mitigation? Also, having the Elasticsearch version 6.5.3 + applying the flag enough? Or do we need to take additional steps? I am awa…

Bitbucket and Elastic security question!

warkolm (Mark Walkom) February 11, 2022, 8:17am 5

Topic		Replies	Views
Log4j CVE-2021-44832 (released 28th dec) - is ES vulnerable? Elasticsearch	10	6644	February 7, 2022
Does Log4j vulnerability (CVE-2021-44228) is impacted for ES v7.5.2? Elasticsearch	2	1269	January 17, 2022
CVE-2021-45105 for ELK 7.10.2 Elasticsearch	4	2842	January 17, 2022
How do I Mitigate LOG4J CVE on Elasticsearch 7.4.0? Elasticsearch	3	613	January 4, 2023
Log4j vulnerability threat impact on Elasticsearch and Logstash versions below 5 Elasticsearch	2	1245	January 16, 2022