Hi Team, In the wake of recent log4j vulnerability, we have update our production stack to version 7.16.3. Post upgrade, under /usr/share/Elasticsearch/lib/ the log4j-core is of version 2.17.1. However in /etc/elasticsearc/lib/ the log4j-core and log4j-api jars are still of version 2.11.1. This …

Elasticsearch 7.16.3 Log4j Vulnerability log4j-core-2.11.1.jar still persists

system (system) Closed March 1, 2022, 10:02pm 3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Secure log4j for elasticsearch Elasticsearch	2	2047	January 11, 2022
Log4j on Elasticsearch 7.9.2 Elasticsearch	9	3587	February 14, 2022
Regarding log4j vulnerability Elasticsearch docker	5	6516	February 2, 2022
Fix log4j ：upgrade ES version OR replace log4j.jar to 2.17.2 Elasticsearch	6	2059	May 19, 2022
Log4Shell comprehensive fix for Elastic Search Elasticsearch	2	1191	January 17, 2022