LOG4J Vulnerabilities
IN A NUTSHELL

LOG4J Vulnerabilities

Divya Singh Divya Singh

Divya Singh

Assistant Vice President and Senior IT Audit Officer – Specialized IT

发布日期: 2021年12月30日
+ 关注

1. What is Log4j?

Apache Log4j is a widely used java library used in many commercial and open-source software products as a java logging framework.

Vulnerabilities

  • CVE-2021-44228(RCE)
  • CVE-2021-45046(RCE)
  • CVE-2021-45105(DoS)

Note:- more than 28 Million the number of times the Log4j library has been downloaded in the past 4 months.

2. Make sure your..

  • WAF and IPSs block Log4j related requests.
  • Firewalls block outbound traffic related to Log4j.
  • IDS trigger alerts on Log4j related requests.

3. Why is patching challenging ?

You may encounter applications with the Log4j vulnerbilities after months

  • Identifying the affected assets is hard
  • External scans have limited coverage only
  • Patching may not be possible for #rd party dependencies

4. LOG4j 2021 Timeline

  • Nov 24th - Alibaba cloud security team reported the Apache Log4j RCE vulnerability to Apache.
  • Dec 1st - First use of the vulnerability (will be identified on Dec 10th)
  • Dec 10th - Public disclosure of the first Log4j vulnerability as CVE-2021-44228.
  • Dec 14th - A new RCE vulnerability (CVE-2021-45046) found in the latest (patched) Log4j version 2.15.0
  • Dec 18th - A new RCE vulnerability (CVE-2021-45105) found in the latest (patched) Log4j version 2.16.0


要查看或添加评论,请登录

更多精彩文章

社区洞察

其他会员也浏览了