Log4j is an open-source, Java-based logging framework commonly used by enterprise applications and cloud services. A remote code execution vulnerability (CVE-2021-44228) is affecting Log4j versions 2.0-beta9 to 2.14.1. By submitting a specially craft request to a vulnerable system, depending on how the system is configured, an attacker could instruct that system to download and subsequently execute a malicious payload.
It is advised that users pay close attention to the official product support information made available and also in their cloud provider support information center for the valid mitigation information.
For users who built their business platform with opensource tools, please refer to the support information of those tools to understand the necessary packages and overall mitigation measures that may be known.
For users who deploys NGFW/WAF with Threat Prevention Module, search for CVE within their modules and enable the signature set to provide for immediate mitigation measures.
| Products | Products |
|---|---|
|
Apache Struts |
Apache Solr
|
|
Apache Druid |
Apache Flink |
|
Apache Dubbo |
Flume
|
|
ElasticSearch |
Logstash |
|
Kafka |
|
For users who are still unsure which products are vulnerable, click here to follow the process to manage the incident.
For more information about the presented vulnerabilities, please refer to the following articles.
If you require further information or a consultation, please reach out to our team of Cybersecurity Solutions Experts.
21 Dec 2021 | Original articles from National Institute of Standards and Technology (NIST)
Copyright © 2023 JOS (SG) Pte. Ltd. All rights reserved.
