CVE-2021-45105 & CVE-2021-44832 remediation for CSA

Learn more about the CVE-2021-45105 and CVE-2021-44832 remediation for Flink and SQL Stream Builder in Cloudera Streaming Analytics (CSA).

Cloudera released maintenance versions for CSA on CDP Private Cloud Base to address CVE-2021-45105 and CVE-2021-44832 identified as critical vulnerability issues for Log4j2.

Cloudera encourages users to upgrade to the following CSA versions to avoid any possibility of exploitation:

CVE-2021-45105: CSA 1.5.3 or higher version
CVE-2021-44832: CSA 1.6.1

For more information about the impacts of CVE-2021-45105, see the TSB 2021-547: Critical vulnerability in log4j2 CVE-2021-45105 Knowledge Base article.