Hi, I am currently using Elasticsearch and Logstash oss version 7.8.0.
The log4j-core and lo4j-api version in Elasticsearch is 2.11.1 and in Logstash it is 2.12.1.
Can i upgrade the log4j jar files (v.2.17.0) in my existing Elasticsearch and Logstash (7.8.0) to solve this vulnerability and without impacting the functioning of ELK.
Or it is necessary to upgrade to ELK v7.16.2 to solve it.