Spring Framework Vulnerability: CVE-2022-22965

NXLog is aware of the "Spring4Shell" vulnerability that was reported by VMWare last week and the resulting CVE-2022-22965. This vulnerability is a Remote Code Execution (RCE) type vulnerabiltiy impacting Spring Framework while running Apache Tomcat as the servlet container while running on Java version 9 and higher.

NXLog Manager 5.6 Hot-fix 5.6.5633

This hot-fix corrects two bugs as well as replaces Log4j with Logback in order to handle security concerns and address compliance issues.
The Logback implementation also gives us better performance than the existing Log4j 1.2 while giving us additional features to compete with Log4j2.

Configuration changes


  • left in place on upgrade to 5.6.5621

Existing Log4j configuration example:

Aggregating macOS logs for SIEM systems; Deploying and managing NXLog with Ansible; NXLog Community Edition support for Raijin Database; Deploying and managing NXLog with Puppet

Aggregating macOS logs for SIEM systems

In recent years, for a number of reasons, Macs have become viable alternatives to PCs in many large corporations. Whether your Mac users are working on spreadsheets in accounting or they belong to creative teams developing software or marketing content, your digital assets are valuable and need to be monitored to detect any potential security threats.