The latest zero-day Apache log4j vulnerability has surprised the online community with how pervasive this issue is in many systems and software packages. It allows hackers to run commands on any server that is running this vulnerable software.
Here at LexiConn, we have patched all vulnerable applications like SOLR and Tomcat, or have verified the versions in use are not vulnerable to this issue.
For our Magento clients, Elasticsearch is not susceptible to the remote code execution vulnerability, so there are no issues related to the use of Elasticsearch. We will be updating all Elasticsearch v 6/7 installs to the newly released versions just to be sure there are no future issues.
If you have any questions about this vulnerability, please reach out to us.
Tweet The latest zero-day Apache log4j vulnerability has surprised the online community with how pervasive this issue is in many systems and software packages. It allows hackers to run commands on any server that is running this vulnerable software. Here at LexiConn, we have patched all vulnerable applications like SOLR and Tomcat, or have verified
Related posts:
POODLE SSLv3 Vulnerability – A Recap
Heartbleed – All LexiConn Servers Patched
Magento SQL Injection Vulnerability Update