Forum Discussion

3 years ago

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability?

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability? If no, can you please explain how?

Mike_Rodrigues
3 years ago
Hey everyone, here's an official communication you can pass on to customers, clients, stakeholders, etc. about what's going on with LM and the Log4shell vulnerability:

https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228

It goes over the details and how to confirm that your collectors are safe. We will update this document as things progress.

DanB

Advisor

3 years ago

Is there something that LM will release more official that we can share with our clients. I've been asked many times today if we can delete these files or uninstall LM Collectors b/c these boxes are still turning up as still 'venerable' by this vulnerability scans.

Forum Discussion

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability?

Related Content

Finding VMware's most recent vulnerability

Log4J security alert, is there any customers need to do?

Question/help ; Datasource to parse servers exposed to the log4j vulnerability ?

Finding Cisco IOS XE CVE-2023-20198 With ConfigSources

Re: Rapid7 integration with LogicMonitor

Recent Discussions

Change roles without email notification?

ConfigSource for Linux Files.

Module Toolbox AppliesTo IDE

Non-Admin Collector install

UIv4 - Report Permission Bug