A vulnerability with the Java Log4j extension was announced this weekend.
Log4j is a Java-based logging audit framework used by blësk for the Event Log Manager (ELM) application.
This critical flaw (Level 10 on a scale of 10), affects the majority of large companies offering web solutions and/or having a web infrastructure or being accessible through the web are affected.
The vulnerability number is CVE-2021-44228.
There are also alternatives to mitigate the behavior of the vulnerability on blësk that follows.
1 – In CLI with the superuser “root”, edit the file /etc/logstash/log4j2.properties
2 – Add to the end of this file the following line: log4j2.formatMsgNoLookups = true
3 – Restart the service with the following command: /etc/init.d/logstash restart
Feel free to contact blësk support if you have any questions.