Amazon OpenSearch


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com) https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
(R20211203-P2) https://aws.amazon.com/security/security-bulletins/AWS-2021-006/

Community Resources

Resource Link
source https://aws.amazon.com/security/security-bulletins/AWS-2021-006/

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL Update released, customers need to update their clusters to the fixed release

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com). Updated vendor link (R20211203-P2).