Hi,
Dose the Apache Log4j vulnerability is a part of xi, NCPA, NRPE and NSClient?
How can I verify it?
In case of one of the products is using the Log4j vulnerability there is a patch or work around?
Log4j vulnerability in xi and agents
-
lmiltchev
- Former Nagios Staff
- Posts: 13589
- Joined: Mon May 23, 2011 12:15 pm
Re: Log4j vulnerability in xi and agents
Be sure to check out our Knowledgebase for helpful articles and solutions!
-
elade
- Posts: 144
- Joined: Wed Mar 28, 2018 6:23 am
Re: Log4j vulnerability in xi and agents
Hi lmiltchev,
What about Fusion and the nagios agent NCPA?
What about Fusion and the nagios agent NCPA?
-
lmiltchev
- Former Nagios Staff
- Posts: 13589
- Joined: Mon May 23, 2011 12:15 pm
Re: Log4j vulnerability in xi and agents
Nagios Fusion does not appear to be using vulnerable versions of the products as identified in the MITRE notification. NCPA does not use log4j. NCPA is written in Python, but Log4j is a Java library. NRPE is not affected, either. NSClient++ is NOT one of our products. You can probably find out more information about it on their website.
We recommend using our agent (NCPA) over NRPE and/or NSClient++ as it is actively developed/maintained.
Let me know if you have any further questions. Thank you!
We recommend using our agent (NCPA) over NRPE and/or NSClient++ as it is actively developed/maintained.
Let me know if you have any further questions. Thank you!
Be sure to check out our Knowledgebase for helpful articles and solutions!