Impacted products: IdentityNow, IdentityIQ, File Access Manager, and IdentityAI
These security fixes have been superseded by updates to Log4j 2.17.1 for the following products:
IdentityIQ and File Access Manager customers can refer to latest IdentityIQ and File Access Manager blog posts for instructions on how to deploy the latest releases. IdentityIQ harvester is still being upgraded, and we expect the upgrade to be deployed later today (Friday, December 17, Central Time). We will issue further communications once the updated IdentityIQ harvester has been deployed.
IdentityNow and IdentityAI have also upgraded to Log4J 2.16.0 and Cloud Connector Gateway (CCG) version 658 has been automatically deployed. For customers who have not received the automatic CCG update, SailPoint customer service is reaching out in order to upgrade those instances. The CCG version is visible to customer admins in the IdentityNow UI.