We have identified a high application-related Log4j vulnerability during a recent scan of our Linux servers. Notably, the Nagios Syslog application (version 2.0.8) is hosted on the same affected server.
Before we proceed with updating the application from version 1.2.17 to the latest release, we would like to confirm:
Will this upgrade have any impact on the Syslog application, particularly in terms of compatibility or logging behavior?
Does the latest version address or mitigate any known Log4j vulnerabilities?
Your input will be crucial in helping us plan the upgrade while ensuring system stability and security.
Looking forward to your guidance.
Path : /usr/local/nagioslogserver/elasticsearch/lib/log4j-1.2.17.jar
Installed version : 1.2.17
Security End of Life : August 4, 2015
Time since Security End of Life (Est.) : >= 10 years
High application-related Log4j vulnerability
-
C4_Network
- Posts: 4
- Joined: Mon Nov 27, 2023 11:51 am
-
C4_Network
- Posts: 4
- Joined: Mon Nov 27, 2023 11:51 am
Re: High application-related Log4j vulnerability
Hello Team,
Please share update if we update the jar file from current version 1.2.17.jar to the latest version, is there any impact on syslog application ?
Kindly confirm .
Thanks
Sachin
Please share update if we update the jar file from current version 1.2.17.jar to the latest version, is there any impact on syslog application ?
Kindly confirm .
Thanks
Sachin
-
DoubleDoubleA
- Posts: 286
- Joined: Thu Feb 09, 2017 5:07 pm
Re: High application-related Log4j vulnerability
Hi Sachin,
Thanks for your posts. The support team tells me you have also opened a ticket with them. They will be your best resource on this issue.
Aaron
Thanks for your posts. The support team tells me you have also opened a ticket with them. They will be your best resource on this issue.
Aaron