DataSunrise Security is sponsoring RSA Conference 2022, please visit our booth in San Francisco

New Zero-Day Vulnerability in Log4j

New Zero-Day Vulnerability in Log4j

DataSunrise is aware of the recent disclosure of security issue related to the open-source Apache Log4j (CVE-2021-44228). DataSunrise team is actively monitoring this issue, even though DataSunrise product has not been affected.

Hereby we confirm that the DataSunrise software was not affected by this security incident. The version of Log4j that is included in DataSunrise has not been impacted by this security issue.

The previous version of DataSunrise included the HDFS library that contains the Log4j library. This module is used ONLY for Static Masking on Hive and Impala. All other functionalities do not use this library.

This exploit affects Log4j versions 2.0-2.14.1. The library of Log4j from HDFS that was included in previous version of DataSunrise is of an earlier version, 1.2. So you do not need to take any actions using our product.

We encourage you to check all your environments that contain Log4j and update it to the latest version that is available here: logging.apache.org/log4j/2.x/download.html.

If you need any additional details or help, please contact DataSunrise Support.

Next

New Capabilities for Amazon S3 Sensitive Data Discovery

New Capabilities for Amazon S3 Sensitive Data Discovery

Learn More

Need Our Support Team Help?

Our experts will be glad to answer your questions.

General information:
[email protected]
Customer Service and Technical Support:
support.datasunrise.com
Partnership and Alliance Inquiries:
[email protected]