Critical flaw found in Fluent Bit cloud services monitoring component
- by nlqip
Tenable reported the issue to the project’s maintainers on April 30, and they responded by developing a patched version of the technology, Fluent Bit 3.0.4, released May 21.
Fluent Bit’s developers urged technology providers to update “immediately to keep your systems stable and secure” in a statement on their website.
Vulnerabilities in cloud-based systems are normally patched promptly and without user intervention. CSOonline approached hyperscaler cloud providers for comment, with one responding that it had not been impacted by the issue and criticising Tenable’s research as somewhat sensationalised.
Other technology providers that make use of the log monitoring tool have the vulnerability in hand.
CrowdStrike, for example, said it had updated to the patched version of Fluent Bit within its environment, and there was no direct impact to customers running the patched version of Fluent Bit.
However, it warned, “Customers using the LogScale Kubernetes Logging package should redeploy and update to the patched version of Fluent Bit immediately. We further recommend that customers running their own instances of Fluent Bit verify their versions and apply the necessary updates to mitigate any potential risks.”
Source link
lol
Tenable reported the issue to the project’s maintainers on April 30, and they responded by developing a patched version of the technology, Fluent Bit 3.0.4, released May 21. Fluent Bit’s developers urged technology providers to update “immediately to keep your systems stable and secure” in a statement on their website. Vulnerabilities in cloud-based systems are…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA