Hello
I was looking to patch LogInsight following the article https://kb.vmware.com/s/article/87089 and noted it was only for v8.2-8.6.
We are running a legacy version (v4.7) which we cannot immediately upgrade. Does anyone know if the log4j vulnerability is an issue for this older version of LI?
Thanks in advance
Hello.
According to to updated KB you are linking to 4.X, 8.0 and 8.1 are not affected by log4j CVE-2021-44228 and CVE-2021-45046.
https://kb.vmware.com/s/article/87089 Updated today with the above information
Thanks for the clarification. I can now see that update which explicitly states the older versions are not affected.
Thanks again
