ACTION NEEDED: IdentityIQ and File Access Manager Log4j Remote Code Execution Vulnerability
0 0 2,340
Dec 13, 2021 09:48 AM
This vulnerability can and should be immediately mitigated by introducing a JVM system property to the application server environment that is hosting IdentityIQ.
Detailed information on action needed can be located here: https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerabil...
File Access Manager
This vulnerability can and should be immediately mitigated by updating the log4j library in the Elasticsearch instance that is part of the File Access Manager deployment as documented in the content for the CVE referenced above.
Detailed information on action needed can be located here: https://community.sailpoint.com/t5/File-Access-Manager-Blog/File-Access-Manager-log4j-Remote-Code-Ex...