Please help me to find the following Addon's and A...

harishalipaka · ‎12-13-2021

Hi Splunkers 🙂 ,

The vulnerability was disclosed by the Apache Log4j project on Thursday, December 9, 2021. If exploited, it could potentially allow a remote attacker to execute code on the server if the system logs an attacker-controlled string value on an affected endpoint.

Can you please help me to these below Addon's & Apps are impacted or Not --

Splunk Add-on for Microsoft SCOM

Okta Identity Cloud Add-on for Splunk

Lookup Editor

Number Display Viz

Splunk Dashboard Examples

Tanium App

Splunk Enterprise Dashboards Beta

Python for Scientific Computing

Solarwinds Add on for splunk

Tanium Technology Add on

100_genpact_splunkcloud

Splunk DB Connect

Tanium App

Microsoft windows DHCP Add on for splunk

Website Monitoring

rest_ta

These are not listed in below links :-

Splunk Security Advisory for Apache Log4j (CVE-2021-44228) | Splunk

https://www.splunk.com/en_us/blog/security/log-jammin-log4j-2-rce.html

Thanks
Harish

richgalloway · ‎12-14-2021

Splunk DB Connect is confirmed as not affected. See https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228...

Many of the others are not Splunk apps so Splunk will not (likely) post guidance on them. You should contact the app vendors for answers.

You could also look in the app's bin directory for references to log4j. If you don't see any then the app should be safe.

---
If this reply helps you, Karma would be appreciated.

Please help me to find the following Addon's and Apps are impacted with log4j or Not ?

other

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?