question Cloudera response to CVE-2021-4104 in Community Announcements https://community.cloudera.com/t5/Community-Announcements/Cloudera-response-to-CVE-2021-4104/m-p/332287#M68 <P><SPAN style="font-weight: 400;">Cloudera is aware of </SPAN><A href="https://nvd.nist.gov/vuln/detail/CVE-2021-4104" target="_blank" rel="noopener"><SPAN style="font-weight: 400;">CVE-2021-4104</SPAN></A><SPAN style="font-weight: 400;">, which affects the Apache Log4j 1.x JMSAppender. This flaw only affects software that is explicitly configured to use the JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender. Cloudera does not use JMSAppender in its products and it is not used by default in log4j properties. Cloudera customers do not need to take any action to address CVE-2021-4104. If you have further questions, please contact Cloudera Support through our </SPAN><A href="https://my.cloudera.com/" target="_blank" rel="noopener"><SPAN style="font-weight: 400;">My Cloudera</SPAN></A><SPAN style="font-weight: 400;"> Support portal.</SPAN></P> <P>&nbsp;</P> <P><SPAN style="font-weight: 400;">Because Cloudera Manager and Ambari allow authenticated users with privileged access to modify cluster configuration to insert custom logging configuration, customers are advised to review the logging configuration for their clusters to ensure that they do not contain references to the JMSAppender. To find these settings, look for the following based on the cluster management tool in use:</SPAN></P> <UL> <LI style="font-weight: 400;" aria-level="1"><SPAN style="font-weight: 400;">Cloudera Manager: "{SERVICE_NAME} Logging Advanced Configuration Snippet (Safety Valve)"</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN style="font-weight: 400;">Ambari: “Advanced{SERVICE_NAME}-log4j”</SPAN></LI> </UL> Wed, 15 Dec 2021 22:44:48 GMT cjervis 2021-12-15T22:44:48Z Cloudera response to CVE-2021-4104 https://community.cloudera.com/t5/Community-Announcements/Cloudera-response-to-CVE-2021-4104/m-p/332287#M68 <P><SPAN style="font-weight: 400;">Cloudera is aware of </SPAN><A href="https://nvd.nist.gov/vuln/detail/CVE-2021-4104" target="_blank" rel="noopener"><SPAN style="font-weight: 400;">CVE-2021-4104</SPAN></A><SPAN style="font-weight: 400;">, which affects the Apache Log4j 1.x JMSAppender. This flaw only affects software that is explicitly configured to use the JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender. Cloudera does not use JMSAppender in its products and it is not used by default in log4j properties. Cloudera customers do not need to take any action to address CVE-2021-4104. If you have further questions, please contact Cloudera Support through our </SPAN><A href="https://my.cloudera.com/" target="_blank" rel="noopener"><SPAN style="font-weight: 400;">My Cloudera</SPAN></A><SPAN style="font-weight: 400;"> Support portal.</SPAN></P> <P>&nbsp;</P> <P><SPAN style="font-weight: 400;">Because Cloudera Manager and Ambari allow authenticated users with privileged access to modify cluster configuration to insert custom logging configuration, customers are advised to review the logging configuration for their clusters to ensure that they do not contain references to the JMSAppender. To find these settings, look for the following based on the cluster management tool in use:</SPAN></P> <UL> <LI style="font-weight: 400;" aria-level="1"><SPAN style="font-weight: 400;">Cloudera Manager: "{SERVICE_NAME} Logging Advanced Configuration Snippet (Safety Valve)"</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN style="font-weight: 400;">Ambari: “Advanced{SERVICE_NAME}-log4j”</SPAN></LI> </UL> Wed, 15 Dec 2021 22:44:48 GMT https://community.cloudera.com/t5/Community-Announcements/Cloudera-response-to-CVE-2021-4104/m-p/332287#M68 cjervis 2021-12-15T22:44:48Z