Security
Last updated
Was this helpful?
Last updated
Was this helpful?
We are aware of the vulnerability, referred to as "Log4Shell".
Seascape Flex uses Elasticsearch OSS version 7.16.3 (or newer), which is NOT affected by the Apache Log4j vulnerability ().
A high severity vulnerability () impacting multiple versions of the Apache Log4j 2 utility was disclosed publicly via the project’s GitHub on December 9, 2021. The vulnerability impacts Apache Log4j 2 versions 2.0 to 2.14.1.
Elasticsearch, Logstash 7.16.3 and 6.8.23 are released, which upgrade log4j to 2.17.1. By default, Elasticsearch and Logstash have no known vulnerabilities to CVE-2021-44832.