Chat now with support
Chat with Support
Self Service Tools
Knowledge Base
My Account
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Support Essentials
Awards and Testimonials
License Agreement
Support Guide

One Identity Safeguard for Privileged Sessions Product Notification

Critical Alerts
Critical Notification

Safeguard for Privileged Sessions


Safeguard for Privileged Sessions may be affected by the recent Apache Log4j 0-day vulnerability(CVE-2021-44228).

How does this affect me?

When Safeguard for Privileged Analytics is enabled, Safeguard for Privileged Sessions is potentially vulnerable to exploitation of the log4j vulnerability. Given the way log4j is used within the product, the likelihood of exploitability is low, but we are sending this notice and recommend taking protective action out of an abundance of caution. If Privileged Analytics is NOT enabled, you are not at risk.

Workaround/ Resolution

The immediate workaround to remove any threat of the log4j vulnerability is to disable Safeguard Analytics functionality. This is the only component of Safeguard for Privileged Session that is impacted. Please refer to KB Article 336007 which provides instructions on how to disable this add-in.


In an effort to further protect our customers, we will be developing a hotfix which will be available for all supported versions of Safeguard for Privileged Sessions by 12/17/21 which will eliminate the vulnerability entirely allowing full usage of the Safeguard Analytics functions. We apologize for the inconvenience this issue may have caused and we are working quickly correct it.