Secure log4j for elasticsearch

Hello,

We have a server with logstash and Elasticsearch installed on it, I updated these two items to 7.16.1.
When I search for files that say "* log4j *", there are always items mentioning version 2.11.1 of log4j :

/usr/share/Elasticsearch/modules/x-pack-core/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-identity-provider/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-security/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/vector-tile/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/repository-url/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/lib/log4j-api-2.11.1.jar

Can you tell me if this is normal and if not how to fix it ?

Thanks for your help

I found my answer in this topic Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.