Secure log4j for elasticsearch

beci · December 13, 2021, 3:33pm

Hello,

We have a server with logstash and Elasticsearch installed on it, I updated these two items to 7.16.1.
When I search for files that say "* log4j *", there are always items mentioning version 2.11.1 of log4j :

/usr/share/Elasticsearch/modules/x-pack-core/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-identity-provider/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-security/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/vector-tile/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/repository-url/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/lib/log4j-api-2.11.1.jar

Can you tell me if this is normal and if not how to fix it ?

Thanks for your help

beci · December 14, 2021, 10:47am

I found my answer in this topic Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31

system · January 11, 2022, 10:47am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch 7.16.3 Log4j Vulnerability log4j-core-2.11.1.jar still persists Elasticsearch	2	2809	March 1, 2022
Replace Log4j from 2.11.0 to 2.15.0 Logstash	10	3074	February 3, 2022
Log4j on Elasticsearch 7.9.2 Elasticsearch	9	3351	February 14, 2022
Does Log4j vulnerability (CVE-2021-44228) is impacted for ES v7.5.2? Elasticsearch	2	1269	January 17, 2022
Log4j vulnerability threat impact on Elasticsearch and Logstash versions below 5 Elasticsearch	2	1245	January 16, 2022

Secure log4j for elasticsearch

Related topics