Intermapper log4j4/25/2023 ![]() (Updated December 28, 2021)Organizations are urged to upgrade to Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6), and review and monitor the Apache Log4j Security Vulnerabilities webpage for updates and mitigation guidance. If an asset cannot be patched or mitigated, consider removing it from the network. If a product cannot be updated, you should apply the temporary mitigation measures from the list at Mitigating Log4Shell and Other Log4j-Related Vulnerabilities. Note: while certain mitigation measures, such as removing the vulnerable class, can prevent exploitation, tracking each asset’s mitigation status adds administrative overhead so patching is preferred.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |