Not sure if this was previously mentioned but the BFI 10.0.7 has the remediation for CVE-2021-44228: BigFix Inventory has a remediation for Log4j Vulnerability CVE 2021-44228
In addition for detecting the Log4j vulnerability in other products the BFI development team has created a separate post for custom template signatures:
How to use BigFix Inventory to discover applications that may be affected by Log4j vulnerability (CVE-2021-44228) as well as other potential vulnerabilities
Java-based applications that use Log4J 2.x library version earlier than 2.15 may be affected by CVE-2021-44228. BigFix Inventory helps you to discover if the affected versions of Log4J are deployed on your environment. It also helps you to identify which applications use the affected version of Log4J. However, there are other known Log4j vu…
1 Like