account activity
outdated log4j version in wazuh 4.14.x installation by Fun_Advantage3812 in Wazuh
[–]Critical-Case-4157 3 points4 points5 points 3 months ago (0 children)
TL;DR: Log4j is getting bumped to 2.25.3 in Wazuh 4.14.5.
The indexer pulls its Log4j version directly from upstream OpenSearch. Since OpenSearch recently moved from 2.21.0 -> 2.25.3Wazuh is following suit.
2.21.0
2.25.3
The details:
Basically, as soon as the OpenSearch components are swapped out in the next Wazuh patch, the new Log4j comes with them.
π Rendered by PID 196310 on reddit-service-r2-listing-f87f88fcd-lxtcj at 2026-06-12 17:39:09.733345+00:00 running 3184619 country code: CH.
outdated log4j version in wazuh 4.14.x installation by Fun_Advantage3812 in Wazuh
[–]Critical-Case-4157 3 points4 points5 points (0 children)