Which ArcSight products are vulnerable to the CVE?
What is the Patch Release Program or Mitigation for the topic?
Cybersecurity
DevOps Cloud
IT Operations Cloud
Which ArcSight products are vulnerable to the CVE?
What is the Patch Release Program or Mitigation for the topic?
Is Arcmc affected by this cve? According to the link https://fossa.com/blog/log4j-log4shell-zero-day-vulnerability-impact-fixes/amp/
It mentions to upgrade log4j version to 2.15. I checked 8.2 connector and can see it uses version 2.13.
I have added the property as mentioned in the link above to the agent.wrapper.conf. Not sure if it is right location.. Any ideas.
Dlog4j2.formatMsgNoLookups=true