Forum Discussion

4 years ago

Solved

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability?

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability? If no, can you please explain how?

Mike_Rodrigues
4 years ago
Hey everyone, here's an official communication you can pass on to customers, clients, stakeholders, etc. about what's going on with LM and the Log4shell vulnerability:

https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228

It goes over the details and how to confirm that your collectors are safe. We will update this document as things progress.

Mosh

Professor

4 years ago

Thanks @Michael Rodrigues.

We would much prefer that LogicMonitor updates the log4J libs in the collectors to 2.16 minimum as there are also vulnerabilities in 2.15.

Forum Discussion

LogicMonitor collectors running vulnerable version of Log4j are affected by "Log4shell" CVE-2021-44228 vulnerability?

Related Content

Finding VMware's most recent vulnerability

Log4J security alert, is there any customers need to do?

Question/help ; Datasource to parse servers exposed to the log4j vulnerability ?

Finding Cisco IOS XE CVE-2023-20198 With ConfigSources

Re: Rapid7 integration with LogicMonitor

Recent Discussions

Do widget expressions support if/then value substitution?

Anyone else keep missing chats because there's no Audible Notification any more?

Unclear GD Collector 37.000 Release

Windows Least Privilege and polling (WinServer)

Very basic question