I am using Search guard community edition version - Security team has flagged the log4j in the search guard

amalk12 · May 19, 2023, 8:18am

If you think it is a bug report or you have a technical issue, please answer the following questions. For general questions, you can delete these questions.

Elasticsearch version: 7.17.3

Server OS version: Windows 2019

Kibana version (if relevant): 7.17.3

Browser version (if relevant):

Browser OS version (if relevant):

Describe the issue: I am using SG Community edition and have ELK 7.17.3 Cluster. The Security team has flagged the log4j in search guard… is there any fix for it

Steps to reproduce:
1.
2.
3.

Expected behavior:

Provide configuration:
elasticsearch/config/elasticsearch.yml
elasticsearch/plugins/search-guard-7/sgconfig/sg_config.yml
kibana/config/kibana.yml (if relevant)

Provide logs:
Elasticsearch
Kibana (if relevant)

Screenshots (if relevant):

Errors in browser console (if relevant):

Additional data:

pablo · May 19, 2023, 3:49pm

@amalk12 What are the exact versions of your ElasticSearch and Kibana Search Guard plugins?

amalk12 · May 22, 2023, 1:48am

SG Version is 53.1.0 . The log4j has been found currently in the SG TLS Tool

nils · May 22, 2023, 7:56am

We just released a new version of the tlstool with new versions of log4j. See here:

https://maven.search-guard.com/search-guard-tlstool/com/floragunn/search-guard-tlstool/1.9.1/

Note: As the tlstool only runs on trusted data, the log4j vulnerabilities are not really applicable to the tlstool.

amalk12 · June 2, 2023, 4:32am

thanks for your reply