Which ArcSight products are vulnerable to the CVE?
What is the Patch Release Program or Mitigation for the topic?
Cybersecurity
DevOps Cloud
IT Operations Cloud
Which ArcSight products are vulnerable to the CVE?
What is the Patch Release Program or Mitigation for the topic?
Still waiting on support RE Smartconn 8.2 ( the lib exisits)
ArcMc seems ok for us but we need to know on the Smartconn. Support are not covering themselves in Glory with this . I woudl expect MF to have a boiler plate response by now and know what was at risk
The Statement that I got from support is below[1] However read second part of the truth [2]
[1]:
1) Pre-ESM 7.5: not impacted
ESM 7.5 and above impacted
2) SC pre-8.2: not impacted
8.2 and above: impacted
3) Logger pre-7.2: not impacted
7.2 and above: impacted
4) ArcMc is not impacted as it ships log4j 1.x but connectors running on arcmc appliances would be impacted if at v8.2+
[2]:
the above Statement must be taken with a grain of salt and a proper understanding on how you read things. I am not saying that the versions are affrected or not - think yourself when you read this:
“Please note that Log4j 1.x has reached end of life and is no longer supported. Vulnerabilities reported after August 2015 against Log4j 1.x were not checked and will not be fixed. Users should upgrade to Log4j 2 to obtain security fixes.“
https://logging.apache.org/log4j/2.x/security.html
And just check for log4j in your installations. Everything not listed in 1-4) might still use log4j 1.x and might be vulnerable as well.
Enjoy
A.