Expedition Release Notes
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Hi all,   Expedition, up to version 1.2.3, was making use of Log4j. This package has captured attention in the latest days related to the vulnerability CVE-2021-44228 that would allow code execution on the affected machines with a risk 10 of 10. The vulnerability could be exploited making use of the lookup mechanissm that was introduced in version 2.   Expedition, via its modules for Spark, used Log4j version 1.2.17 which does not include the lookup mechanism and therefore is exempt to the issue. Expedition only used Log4j to write executing log information with predefined messages in the code (to provide information about the execution state) and some parquet data samples when set in Debug mode.   Currently, the Apache Spark team is working on including Log4j 2.16.0 into the core modules of the project. Not because version 1.2.17 is vulnerable to the current threats, but because that version, even useful, got already lots of improvements and it is time to get it upgraded.   Due to the simplicity of the logic used in Log4j and to reduce any concerns on Expedition users, we have decided to stop using Log4j and wait until Apache Spark team includes a newer version into the solution.   We take security very seriously, and also we care a lot about the user experience when using the tool and when not using it. So, now you can sit back and rest, knowing that, if Expedition 1.2.3 was not vulnerable before using Log4j 1.2.17, it is for sure not vulnerable on Expedition 1.2.4.2, when Log4j has been removed.   The Expedition Team
View full article
  • 123 Posts
  • 277 Subscriptions
Customer Advisories

Your security posture is important to us. If you’re a Palo Alto Networks customer, be sure to login to see the latest critical announcements and updates in our Customer Advisories area.

Learn how to subscribe to and receive email notifications here.

Listen to PANCast

PANCast is a Palo Alto Networks podcast that provides actionable insights to customers, helping you maximize your investment while improving your cybersecurity posture.

Labels
Top Contributors