CIS Products | Log4j Vulnerability

Most of the CIS products like CSAT PRO, CAT Prov Assessor v4, CAT Pro Assessor v4 Service, CAT Lite, CAT Pro Assessor v3 Full have been impacted by Log4j Vulnerability. Rest of the products like Hosted CSAT, CAT Pro Dashboard and workbench have not been impacted by this. CIS has released updated versions of all these affected products where the Log4j version has been upgraded to 2.15.0 (But the 2.16.0 version is the most recent one which takes care of other vulnerabilities)

CIS ProductVersionStatusPatched?
CIS CSAT ProAllVulnerable  Patched
CIS-CAT Pro Assessor v4AllVulnerable  Patched
CIS-CAT Pro Assessor v4 ServiceAllVulnerable  Patched
CIS-CAT LiteAllVulnerable  Patched
CIS-CAT Pro Assessor v3 Full and DissolvableAllVulnerable  Patched
CIS-Hosted CSATAllNot VulnerableNot Needed
CIS-CAT Pro DashboardAllNot VulnerableNot Needed
CIS WorkBenchAllNot VulnerableNot Needed

CSAT Pro< 1.7.1Vulnerablesource
CIS-CAT Pro Assessor v4< 4.13.0Vulnerablesource
CIS-CAT Pro Assessor Service v4< 1.13.0Vulnerablesource
CIS-CAT Pro Assessor v3< 3.0.77Vulnerablesource
CIS-CAT Pro DashboardAllNot vulnsource
Scroll to Top