Hi Team,
Need your expert advice on current on going log4j vulnerability. We are using below Nagios products in our environment and these are standalone application & not integrated with any 3rd party Java based application. In order to protect current Nagios environment from log4j vulnerability.
Request you to please advice next plan of action/mitigation steps.
Nagios XI 5.8.7
Nagios Network Analyzer 2.4.3
Nagios Log Server 2.1.9
Nagios Fusion 4.1.9
Warm Regards,
QP User
Log4j Remediation
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: Log4j Remediation
Hi QP User,
Thanks for checking in with us on this.
We have an official update on this vulnerability on our website. Nagios Log Server does use log4j but it uses an older version that is not impacted - 1.2.17.jar.
https://www.nagios.com/news/2021/12/upd ... erability/
The other products do not, however, we recommend reaching out to your admins/security teams to make sure your systems are not impacted by other applications or integrations.
Let us know if you have any questions or comments.
--Benjamin
Thanks for checking in with us on this.
We have an official update on this vulnerability on our website. Nagios Log Server does use log4j but it uses an older version that is not impacted - 1.2.17.jar.
https://www.nagios.com/news/2021/12/upd ... erability/
The other products do not, however, we recommend reaching out to your admins/security teams to make sure your systems are not impacted by other applications or integrations.
Let us know if you have any questions or comments.
--Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!