Statement from Stamus Networks regarding the recent Log4j 2 vulnerability
On December 10, 2021, NIST published a Common Vulnerabilities and Exposures (CVE) alert identifying a new zero-day vulnerability in the Java logging library Apache Log4j that can result in full server takeover. This critical alert - CVE-2021-44228 - applies to Java applications that use this library.
You may read more in these online resources:
Stamus Networks does not use this library in any of its proprietary software systems. However, it is used by several components of the ELK stack (Elasticsearch, Logstash and Kibana), which are embedded in our Stamus ND, Stamus NDR, and Stamus Probe Management systems.
The developers of the ELK stack, Elastic, have determined that Logstash and Elasticsearch do indeed contain this vulnerability, and they have identified a fix.
Our research team has reviewed the available literature, evaluated our software architecture, and consulted with our software partners, including Elastic.
We have concluded that there is very little risk of an exploit in the components we know to be vulnerable, Logstash and Elasticsearch. However, out of an abundance of caution, we developed a patch for Stamus ND/NDR that fixes the vulnerability in the currently embedded versions of Logstash (6.8.10) and Elasticsearch (6.8.10).
And we have notified our customers of its availability.
If you have any questions, please feel free to contact us: support@stamus-networks.com
ABOUT STAMUS NETWORKS ™
Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful. The global leader in Suricata-based network security solutions, Stamus Networks helps enterprise security teams know more, respond sooner and mitigate their risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform combines the best of intrusion detection (IDS), network security monitoring (NSM), and network detection and response (NDR) systems into a single solution that exposes serious and imminent threats to critical assets and empowers rapid response.