Spring Framework Vulnerability: CVE-2022-22965

NXLog is aware of the "Spring4Shell" vulnerability that was reported by VMWare last week and the resulting CVE-2022-22965. This vulnerability is a Remote Code Execution (RCE) type vulnerabiltiy impacting Spring Framework while running Apache Tomcat as the servlet container while running on Java version 9 and higher.

NXLog Manager 5.6 Hot-fix 5.6.5633

This hot-fix corrects two bugs as well as replaces Log4j with Logback in order to handle security concerns and address compliance issues.
The Logback implementation also gives us better performance than the existing Log4j 1.2 while giving us additional features to compete with Log4j2.


Configuration changes

log4j.xml

  • left in place on upgrade to 5.6.5621

Existing Log4j configuration example:

Aggregating macOS logs for SIEM systems; Deploying and managing NXLog with Ansible; NXLog Community Edition support for Raijin Database; Deploying and managing NXLog with Puppet

Aggregating macOS logs for SIEM systems

In recent years, for a number of reasons, Macs have become viable alternatives to PCs in many large corporations. Whether your Mac users are working on spreadsheets in accounting or they belong to creative teams developing software or marketing content, your digital assets are valuable and need to be monitored to detect any potential security threats.

NXLog Manager version 5.6 Release Announcement

We are happy to report, that the release of NXLog Manager v5.6 is now available.

The new 5.6 version mainly focuses on performance, stability and bug fixes.

  • Updated heap settings (performance related)
  • Additional changes to agent communications
  • Docker image updates
  • New logging level

Please see the release notes for important information

If you have feedback, would like to see additional improvements, reach out to us.

Pages