Hi Pertaining to 44228, we have deleted the vulnerable class as per ELK suggestion. For this new 45105, do we need to take any action ? I read default Elasticsearch, logstash, Kibana 7.10.2 are not vulnerable. Is that fine?

CVE-2021-45105 for ELK 7.10.2

warkolm (Mark Walkom) December 20, 2021, 3:46am 2

Welcome to our community!

Please see Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 for the full details.

1 Like

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.