Updated on 2022-11-28 GMT+08:00

Notice on Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)

Apache Log4j2 has a remote code execution vulnerability (CVE-2021-44228). This notice describes the impact of the vulnerability and its fix.

Vulnerability Impact

Apache Log4j2 has a remote code execution vulnerability (CVE-2021-44228). When Apache Log4j2 processes user input while writing logs, attackers can craft special requests to trigger remote code execution. A proof of concept (PoC) has been publicly disclosed and the risk is high. For details, see Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046).

Elasticsearch uses the Log4j framework to record logs and runs under the Java Security Manager, so it is not affected by this remote code execution vulnerability. Attackers can exploit the information leakage vulnerability in Log4j to obtain environment variables and some environment data through DNS, but they cannot access data in Elasticsearch clusters, so there is no risk of data leakage.

Vulnerability Fix

CSS has installed a patch package on existing clusters to fix this vulnerability. If a cluster has not been restarted since March 30, 2022, restart it for the patch to take effect.
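One way to check which nodes still need the restart is to compare each node's JVM start time, as reported by the Elasticsearch `GET _nodes/jvm` API, with the date above. This is an added example, not code from CSS. It assumes the cluster endpoint exposes that API and that the cutoff is the start of March 30, 2022 in GMT+08:00 (the notice gives no time of day), and the sample response is constructed.

```python
import json
from datetime import datetime, timezone, timedelta

# Assumption: the notice gives only a date, so the cutoff is taken as the
# start of March 30, 2022 in GMT+08:00 (the timezone the notice is dated in).
PATCH_CUTOFF = datetime(2022, 3, 30, tzinfo=timezone(timedelta(hours=8)))

# Constructed sample shaped like an Elasticsearch `GET _nodes/jvm` response.
# In practice, load the JSON body returned by your own cluster instead.
SAMPLE_NODES_JVM = json.loads("""
{
  "cluster_name": "example-cluster",
  "nodes": {
    "idA": {"name": "node-1", "jvm": {"start_time_in_millis": 1645000000000}},
    "idB": {"name": "node-2", "jvm": {"start_time_in_millis": 1650000000000}},
    "idC": {"name": "node-3", "jvm": {}}
  }
}
""")


def nodes_needing_restart(nodes_info, cutoff=PATCH_CUTOFF):
    """Return (node_name, reason) pairs for nodes whose JVM predates the cutoff.

    A node that reports no start time is flagged too: it cannot be shown
    to have restarted, so it is treated as still running unpatched.
    """
    flagged = []
    for node_id, node in sorted(nodes_info.get("nodes", {}).items()):
        name = node.get("name", node_id)
        started_ms = node.get("jvm", {}).get("start_time_in_millis")
        if started_ms is None:
            flagged.append((name, "start time unknown"))
            continue
        started = datetime.fromtimestamp(started_ms / 1000, tz=timezone.utc)
        if started < cutoff:
            flagged.append((name, "started " + started.isoformat()))
    return flagged


if __name__ == "__main__":
    for name, reason in nodes_needing_restart(SAMPLE_NODES_JVM):
        print(f"restart needed: {name} ({reason})")
```

Every node of the cluster has to clear the check, since a node that kept running through the patch date is still using the unpatched files in memory.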