ACTION NEEDED: IdentityIQ and File Access Manager Log4j Remote Code Execution Vulnerability

lorrin_minton
Community Manager
Community Manager
0 0 1,641

IdentityIQ

This vulnerability can and should be immediately mitigated by introducing a JVM system property to the application server environment that is hosting IdentityIQ.

Detailed information on action needed can be located here: https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerabil...

 

File Access Manager

This vulnerability can and should be immediately mitigated by updating the log4j library in the Elasticsearch instance that is part of the File Access Manager deployment as documented in the content for the CVE referenced above.

Detailed information on action needed can be located here: https://community.sailpoint.com/t5/File-Access-Manager-Blog/File-Access-Manager-log4j-Remote-Code-Ex...