Blog Post

Product and Website News
1 MIN READ

Sisense Log4j Statement

Allison_Able's avatar
Allison_Able
Data Integration
12-14-2021

Sisense is aware of the recently disclosed Apache Log4j vulnerability (CVE-2021-44228). We are actively working to patch any Sisense customers that are affected by this vulnerability. Click the attachment below for continuous updates on recommended guidance for both Linux & Windows OS.

Updated 06-15-2023
Version 16.0
community news
Allison_Able's avatar
Data Integration
When I am not community building, you can find me hanging out with my sweet pup, traveling the world with my husband, or exploring a local trail.
View Profile
Product and Website News
News about Sisense releases and the Sisense Community website

22 Comments

Show More
  • Patrick_Drew's avatar
    Patrick_Drew
    Data Storage
    12-20-2021

    Anonymous 

    1. The Windows patch script doesn't scan C:\ProgramData\Sisense, which has jars with a dependency on the JndiLookup class, can you please let me know why?

    Version 7.1

    C:\ProgramData\Sisense\DataConnectors\GoogleSheets\Sisense.GoogleSheets.JVM.1.0.16423.96.0.0\com.sisense.connectors.GoogleSpreadsheetsConnector.jar

    Version W20.21.4.10058

    C:\ProgramData\Sisense\DataConnectors\Athena\Sisense.Athena.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Athena.jar
    C:\ProgramData\Sisense\DataConnectors\GenericJDBC\Sisense.GenericJDBC.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.GenericJDBC.jar
    C:\ProgramData\Sisense\DataConnectors\GoogleAds\Sisense.GoogleAds.JVM.1.0.16423.10001.0.0\com.sisense.connectors.GoogleAds.jar
    C:\ProgramData\Sisense\DataConnectors\GoogleAnalytics\Sisense.GoogleAnalytics.JVM.1.0.16423.10001.0.0\com.sisense.connectors.GoogleAnalytics.jar
    C:\ProgramData\Sisense\DataConnectors\GoogleBigQuery\Sisense.Google BigQuery.JVM.1.0.16423.20.21.4.10003.0.0\com.sisense.connectors.GoogleBigQuery.jar
    C:\ProgramData\Sisense\DataConnectors\GoogleSheets\Sisense.GoogleSheets.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.GoogleSpreadsheetsConnector.jar
    C:\ProgramData\Sisense\DataConnectors\MemSql\Sisense.MemSQL.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Memsql.jar
    C:\ProgramData\Sisense\DataConnectors\MongoDB\Sisense.MongoDB.JVM.1.0.16423.20.21.4.10003.0.0\com.sisense.connectors.Mongodb.jar
    C:\ProgramData\Sisense\DataConnectors\MsSql\Sisense.MsSql.JVM.1.0.16423.10002.0.0\com.sisense.connectors.MsSql.jar
    C:\ProgramData\Sisense\DataConnectors\Mysql\Sisense.MySQL.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.MySql.jar
    C:\ProgramData\Sisense\DataConnectors\Oracle\Sisense.Oracle.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.OracleJdbc.jar
    C:\ProgramData\Sisense\DataConnectors\Postgresql\Sisense.Postgresql.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Postgresql.jar
    C:\ProgramData\Sisense\DataConnectors\Redshift\Sisense.Redshift.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Redshift.jar
    C:\ProgramData\Sisense\DataConnectors\Salesforce\Sisense.Salesforce.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Salesforce.jar
    C:\ProgramData\Sisense\DataConnectors\Snowflake\Sisense.Snowflake.JVM.1.0.16423.20.21.4.10001.0.0\com.sisense.connectors.Snowflake.jar


    2. Sisense has dependencies on Log4J 1 via Zookeeper and Logstash, which is end of life also has a CVE. What steps is Sisense taking to mitigate this vulnerability?

  • Anonymous's avatar
    Anonymous
    01-04-2022

    Patrick_Drew 

    Happy New Year and apologies for missing your comment. The latest Windows patch revision from 12/23 should address scanning for those directories. If you rerun the revised patch and have any issues please let our Support Team know. 

    For the Log4j 1 dependancies I'll inquire with our team internally for a definitive answer and share here as soon as I can. 

     

     

Related Content

Related Content

CASE WHEN Statements

Overview CASE WHEN statements provide great flexibility when dealing with buckets of results or when you need to find a way to filter out certain results. You can think of these almost as IF-THEN...
intapiuserCDT
3.9KViews
0likes
0Comments

Filters In Case When Statements

I came across an interesting use case with a customer where they had a name and ID column on a dataset:  Select a filter value for name, and not id -> show results for name Select a filter v...
intapiuserCDT
2.8KViews
0likes
0Comments