Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.


INSZoom Log4j Vulnerability Remediation

INSZoom Log4j Remediation



INSZoom: The core INSZoom application is not affected by the Log4J vulnerabilities, CVE-2021-45046 and CVE-2021-44228.


Cisco DUO: Cisco DUO usage in Hosted INSZoom is consumed via api to Cisco’s DUO Cloud. Log4J Information on Duo Security cloud offering is located here

Elasticsearch: Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to the use of the Java Security Manager.



However, it is best practice to completely remove the vulnerable class wherever possible to remediate Log4J JNDI vulnerabilities as there have been other vulnerabilities in Log4J since CVE-2021-44228.

To remove the Log4J JNDI lookup class in ElasticSearch:

·         Navigate to the in-use Elasticsearch directory <ELASTICSEARCH DIRECTORY>elasticsearch-*\lib

·         Locate the log4j-core*.jar file

·         Make a backup of the log4j-core*.jar file and store it in a secure location.

·         Stop all ElasticSearch Services.

·         Open the log4j-core*.lib file with a ZIP archive utility such as 7-zip.

·         Navigate inside the log4j-core*.jar file and delete the JndiLookup.class located in org/apache/logging/log4j/core/lookup/JndiLookup.class

·         Close the archive reader

·         Open the log4j-core*.jar file with a ZIP archive reader such as 7zip or Winzip and validate that the Jndilookup.class is removed from the jar file.

·         After confirming that the vulnerable class is removed, Start all ElasticSearch Services

·         Repeat this process on all ElasticSearch nodes



  • Was this article helpful?