Elasticsearch7 Update  

By Christoph Stoettner | 6/8/22 3:56 AM | Infrastructure - Connections | Added by Roberto Boccadoro

CVE-2021-44228 was a very serious problem end of 2021, and we are still finding new occurrences, or security teams scan servers and find vulnerable log4j files. Don’t get me wrong most of these occurrences are not vulnerable any more, because the JVM is hardened like in the Elasticsearch 7 containers, or they use of the JVM parameter -Dlog4j2.formatMsgNoLookups=true.