Is EventSentry affected by the Log4Shell Log4j RCE CVE-2021-44228 vulnerability?

Article ID: 461
Category: Web Reports
Applies to: all versions
Updated: 2022-01-21

EventSentry is not affected by the Log4Shell.

See below for a list of all EventSentry components:

EventSentry Agent: Does not use Log4j, not vulnerable
EventSentry Heartbeat Agent: Does not use Log4j, not vulnerable
EventSentry Network Services: Does not use Log4j, not vulnerable
EventSentry Web Reports: Uses Log4j, however does not use affected versions
Built-In PostgreSQL Database: Does not use Log4j, not vulnerable

CVE-2021-44228 affects Log4j between versions 2.0-beta-9 and 2.14.1.

EventSentry is also not affected and does not meet the critieria outlined in the following vulnerabilities reported for log4j:

CVE-2021-4104
CVE-2021-44228
CVE-2021-44832
CVE-2021-45046
CVE-2021-45105

If you installed EventSentry 4.2.3.136 between December 18th and December 31st, your vulnerability scanners may detect that files from Log4j version 2.17.0 exist in your web reports folder. These files are not loaded or executed by EventSentry and cannot be actively exploited via the EventSentry Web Reports, but it is a good idea to download and install the January 1st updated version of the 4.2.3.136 web reports installer [ FROM HERE ] so that you can have Log4j version 2.17.1 or newer.