Forum Discussion

4 years ago

Apache Log4j Detection for Windows - Manifest / Properties...

Apache Log4j Detection for Windows - Manifest / Properties Detection Update Summary: In the light of resource requirements to scan entire file systems along with inspecting each Java archive file ...

Java

Target

james_hodge

Connect Contributor

4 years ago

Is this plugin part of the "Log4Shell Vulnerability Ecosystem" policy and if we have existing scans configured which use it will they automatically get updated to reflect this change, or do I have to manually change something please?

gbetz
4 years ago
Hello @James H, this plugin is part of the "Log4Shell Vulnerability Ecosystem" and "Log4Shell" policies. The plugin will still run but the inspection of Java archive files for manifest and properties file will not run unless the following non-default settings are set:
‘Perform thorough tests’ setting must be enabled
‘Override normal accuracy’ setting must be set to ‘Show potential false alarms’

Forum Discussion

Apache Log4j Detection for Windows - Manifest / Properties...

Recent Discussions

New Plugin Family: UnionTech Local Security Checks

Fudo Security API v2 Compatibility

Improved Printer Fingerprinting

Include/Exclude Path and Tenable Utils Unzip added to Log4j Detection

Nutanix Prism v4 API Compatibility

Americas

Europe

Asia / Australia