New Log4Shell (CVE-2021-44228) probe for Jenkins Health Advisor plugin by CloudBees

16 views
Skip to first unread message

Arnaud Héritier

unread,
Dec 14, 2021, 11:23:51 AM12/14/21
to Jenkins Users
Hi community,

If you are using the Jenkins Health Advisor plugin by CloudBees ( https://plugins.jenkins.io/cloudbees-jenkins-advisor/ ) we just added a probe to detect when the Controller JVM has a log4j artifact impacted by #Log4Shell (CVE-2021-44228) in its open file descriptors.

If you see it reporting a problem not listed under https://issues.jenkins.io/issues/?jql=labels%20%3D%20CVE-2021-44228 please report it.

Thanks


--
Arnaud Héritier
Twitter/GitHub/... : aheritier

Mark Waite

unread,
Dec 14, 2021, 1:14:17 PM12/14/21
to Jenkins Users
On Tuesday, December 14, 2021 at 9:23:51 AM UTC-7 Arnaud Héritier wrote:
Hi community,

If you are using the Jenkins Health Advisor plugin by CloudBees ( https://plugins.jenkins.io/cloudbees-jenkins-advisor/ ) we just added a probe to detect when the Controller JVM has a log4j artifact impacted by #Log4Shell (CVE-2021-44228) in its open file descriptors.

If you see it reporting a problem not listed under https://issues.jenkins.io/issues/?jql=labels%20%3D%20CVE-2021-44228 please report it.


I'm a very happy user of the Jenkins Health Advisor.  Highly recommended as a way to get email advice from Jenkins experts.  See https://www.youtube.com/watch?v=p_suN31OIAg for a video introduction to Health Advisor.
Reply all
Reply to author
Forward
0 new messages