15th December 2024

Apache Log4j Vulnerability – CVE-2021-44228

A critical vulnerability (CVE-2021-44228) has been reported to assist log4j2. The Apache Log4j vulnerability advances the most widely used log collection framework in Java. Security publications published by Apache can be used. This weakness; is used by using pieces of code over the logs it collects. The attacker sends a send request, and sending those requests to the logs takes over the server.

https://logging.apache.org/log4j/2.x/security.html

Apache Log4j vulnerability
Apache Log4j vulnerability

Affected Systems

It affects the most widely used log collection framework in Java. Products Identified to be Affected by the Log4j Vulnerability.

  • Apache Struts
  • Apache Struts2
  • Apache Tomcat
  • Apache Spark
  • Apache Solr
  • Apache Druid
  • Apache Flink
  • ElasticSearch
  • Flume
  • Apache Dubbo
  • Logstash
  • Kafka
  • IBM Qradar SIEM
  • VMWare
  • NetApp

Solution and CVE/CWE

Apache has released a patch called Log4j 2.16.0 for the vulnerability. CVE shared that Log4j 2.16.0 could fix the vulnerability by removing support for message search patterns and disabling JNDI functionality by default. It is stated that the problem can be mitigated in previous versions by removing the JndiLookup class construct. In order not to be affected by cyberattacks, it is highly recommended to update to the latest version of Apache log4j 2 (2.16.0) for all vulnerable systems. For example, any software you use within your organization, such as your organization’s website, dealer portal, Document Management System, Electronic Document Management System, Personnel Attendance Tracking System, may use this component. As a result, your organization will be affected by this vulnerability. Since this vulnerability has a risk level of 10 over 10, it is possible to completely take over the system in which the relevant software is located. You can download and update Log4j 2.16.0 patches from the link below.

LEARN MORE  What is McAfee ePO? McAfee ePO 5.10 Installation

https://logging.apache.org/log4j/2.x/download.html

CVE/CWE: CVE-2021-44228

Note: Those with a CVSS 3.1 score of 7.0-8.9 out of 10 are considered “high”, and those with 9.0-10.0 are considered “critical” vulnerabilities.

Reference:

https://logging.apache.org/log4j/2.x/security.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

 

Leave a Reply

Your email address will not be published. Required fields are marked *