You probably already have heard of the critical Log4J2 vulnerability which was disclosed a couple of days ago. Search Guard solely depends on the Log4j2 component shipped by Elasticsearch. Thus, the vulnerability is only fixable by updating Elasticsearch or by applying the mitigations recommended b…

Update on the Log4J2 RCE Vulnerability - CVE-2021-44228

jkressin December 14, 2021, 8:03pm 2

Topic		Replies	Views
Search Guard for Elasticsearch 6.8.21 CVE-2021-44228 Search Guard	1	777	January 4, 2022
Log4Shell: Search Guard for Elasticsearch 6.8.22 released Announcements	1	843	January 3, 2022
Log4Shell: Search Guard for Elasticsearch 7.16.1 released Announcements	1	987	December 28, 2021
Log4Shell: Search Guard for Elasticsearch 7.16.2 released Announcements	1	963	January 3, 2022
Log4Shell: Search Guard for Elasticsearch 6.8.21 released Announcements	1	601	December 29, 2021