Security

Summary

We are aware of the vulnerability, referred to as "Log4Shell".

Seascape Flex uses Elasticsearch OSS version 7.16.3 (or newer), which is NOT affected by the Apache Log4j vulnerability ().

More information

A high severity vulnerability () impacting multiple versions of the Apache Log4j 2 utility was disclosed publicly via the project’s GitHub on December 9, 2021. The vulnerability impacts Apache Log4j 2 versions 2.0 to 2.14.1.

Elasticsearch, Logstash 7.16.3 and 6.8.23 are released, which upgrade log4j to 2.17.1. By default, Elasticsearch and Logstash have no known vulnerabilities to CVE-2021-44832.

PreviousEnabling HTTPS on Seascape Flex server NextAdding new databases to Flex

Last updated 3 years ago

Was this helpful?