cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
abhi04d
Engager
Member since: ‎12-23-2021
‎08-30-2022
Community Statistics
Posts 1
Solutions 0
Karma Given 5
Karma Received 0
Member Since ‎12-23-2021
Activity Feed
Topics I've Started
View All

Regarding Log4j

by in Security
‎12-23-2021 01:22 AM
‎12-23-2021 01:22 AM
Hello everyone,  So according to the Splunk blog: Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) | Splunk it says that the affected versions are: "All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. "  I'm using Splunk Enterprise Search Head & Indexer with version 7.3.1 and I can see various log4j-1.2.17.jar files under location "/bin/jars/vendors/spark/2.3.0/lib/", "/etc/apps/splunk_app_db_connect/bin/lib/", /etc/apps/splunk_archiver/java-bin/jars/vendors/spark/ and etc.  Also, I am attaching the result I received from a search query to determine if DFS is enabled on my Splunk servers. Should I be concerned about this vulnerability?  Also to remediate, do I just need to replace this log4j-1.2.17.jar with the latest files directly in the respective directories or do I need to make any changes in the conf files as well?  Any help will be appreciated.  Thank you!   ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎08-30-2022 05:50 AM
Karma given to