We have released an update to Risk Intelligence to address the recent Apache Log4j vulnerability. We have evaluated risk within Risk Intelligence and have deployed patches for any vulnerable components as of 3:00 am EST on December 15, 2021.
Please note that no Risk Intelligence agent updates are required.
- Addressed Log4j vulnerability (CVE-2021-44228)
- Fixed intermittent issue where scans crashed after large number of errors trying to read files
More detail can be found in our original post.