'Elasticsearch&Logstash Log4j Vulnerabilities

We have log4j vulnerabilities for Elasticsearch and Logstash in the following paths:

Path : /usr/share/Elasticsearch/lib/log4j-core-2.11.1.jar Path : /usr/share/logstash/logstash-core/lib/jars/log4j-core-2.14.0.jar

Is there a workaround to fix the vulnerabilities? Otherwise, Is the only solution to upgrade the application version?

Logstash and Elasticsearch version: 7.13

Could you help me to solve the problem?

Thanks



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source