Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Log4j2 vulnerability

Labels:
avatar
author-rank naveennn
New Contributor

Created ‎01-13-2022 12:06 AM

Dears,

Currently we are using Apache kafka 2.13-2.6.0 Version in our production and Currently (log4j-1.2.17) is installed on the server.

After a recent security scan, our vendor suggested upgrading to Log4j version 2.16.0 or higher since 1.x is an Unsupported Version(end of life) and a CVE-2021-4104 vulnerability.

Could you please suggest and provide the guidance to upgrade the log4j version at the earliest.

863 Views
0 Kudos
1 REPLY 1

avatar
author-rank VidyaSargur author-rank
Community Manager

Created ‎01-13-2022 02:41 AM

Hi @naveennn, Please read the relevant Support Announcement here: Cloudera response to CVE-2021-4104 which also has information on what steps to take. 


Regards,

Vidya Sargur,
Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
842 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements