The log4j Vulnerabilities: What You Need to Know About Data and Analytics Software, and Steps You Should Start Taking Now to Protect Your Business

In case you haven’t heard about the widespread log4j vulnerabilities, most experts are calling this the biggest exposure(s) in the history of the internet. According to Jen Easterly, director of Cybersecurity and Infrastructure Security Agency (CISA), “This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use.”

The data and analytics ecosystem is certainly also affected. If the vulnerabilities are not addressed, hackers could tap into computer servers, applications, and devices—accessing an organization’s data and analytics. Two things you can immediately do include:

1. If you are self-hosting any affected software (see list below), we recommend removing any internet-facing applications and immediately remediating the situation.
2. If you use any affected cloud/SaaS/multitenant software that does not automatically use the most current version, we recommend contacting the vendor immediately to update to the newest remediated version.

How These logj4 Vulnerabilities Affect Data and Analytics Tools’ Exposure

As of Jan. 14, 2022, here’s a summary of Analytics8’s understanding of data and analytics tools’ exposure.

Note: Custom configurations or custom builds – especially those involving custom logging – may introduce vulnerabilities. The lists below assume default configurations.

Cloud / SaaS / Multitenant

Vulnerable:

• Non-supported versions of Looker (i.e. NOT versions 21.0, 21.6, 21.12, 21.16, 21.18, or 21.20)

Vulnerable, remediation identified but not yet fully implemented:

• None known

No longer vulnerable:

• Salesforce
  • Sales Cloud
  • Service Cloud
  • B2C Commerce Cloud
  • Force.com
  • Data.com
  • Community Cloud
  • Mulesoft Cloud
  • Datorama
  • Pardot
  • Einstein
• Slack
• Looker 21.0, 21.6, 21.12, 21.16, 21.18, 21.20
• Tableau Online

Never Vulnerable / Not Affected:

• Snowflake
• dbt Cloud
• Microsoft Power BI
• Fivetran

Unknown:

• Birst

On-Prem / Self-hosted

Vulnerable with no known remediation:

• Birst self-hosted

Vulnerable with remediation available:

• Self-hosted versions of Looker
• Tableau family of products
• Qlik
  • GeoAnalytics
  • GeoAnalytics Plus
  • Compose for Data Lakes version 6.6
  • Compose for Data Warehouses versions 6.6, 6.6.1, 7.0
  • Compose versions 2021.2, 2021.5, 2021.8
  • Enterprise Manager versions 6.6, 7.0, 2021.5, 2021.11
  • Replicate versions 6.6, 7.0, 2021.5, 2021.11
  • Qlik Catalog – May 2021 release and onward
• Mulesoft self-hosted
• Matillion family of products
• SAP Business Objects family of products

Never Vulnerable / Not Affected:

• dbt self-hosted
• Microsoft Power BI – all products
• Qlik – all products NOT listed above
• UniverseBridge
• QlikMaps

If anything reported is in error, please let us know! As we learn more, we will keep this post updated.