Search

Apache Log4j Vulnerability

Security teams have been scrambling to address a dangerous new zero-day vulnerability in Apache logging system.The CVE-2021-44228 vulnerability allows unauthenticated remote code execution on any Java application running a vulnerable version of Apache’s Log4j 2


The exploit is dangerous for two reasons:

1) Log4j is used by applications and platforms found all over the internet, including Minecraft, and Apple iCloud.

2) It’s relatively easy to exploit.



How to Fix it?


1- Upgrade to log4j-2.1.50.rc2 immediately. If upgrade is not applicable or could impact other services at the moment, use the workaround below.


2- Workaround:

  • Set the JVM parameter “log4j2.formatMsgNoLookups;” to True

  • Put a Web Application Firewall or Proxy in front of the vulnerable Java app and block access to connections using the User Agent header string “jndi:ldap” and “jndi:dns”

27 views0 comments