cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IdentityNow Log4j RCE Vulnerability Update: Patched version of CCG now available

lorrin_minton
Community Manager
Community Manager
3 0 4,179

SailPoint has reproduced the recently-identified log4j critical vulnerability (CVE-2021-44228) in IdentityNow and has since released a patch to address this vulnerability. A new version of the Cloud Connector Gateway (CCG) has been also released to address this issue. Customers using CCG version 654 or later are no longer vulnerable and have no further action to take. The CCG version is visible to customer admins in the IdentityNow UI.

Customers should expect contact from SailPoint Support to assist with vulnerability mitigation.