Threat Alert Icon

THREAT ALERTS

LOG4J ZERO-DAY VULNERABILITY

Last Updated: Jun 23, 2022, 12:58:10 PM EST

Vulnerability found in the Java Library, Log4j could lead to a breach.

December 9th, a vulnerability with the Log4J Java Library was published, along with proof-of-concept exploit code. It has since been given the designation CVE-2021-44228, and is nicknamed "Log4Shell"

The vulnerability affects unpatched versions of the Log4j from 2.0-beta9 to 2.15.

"Apache Log4j 2 JNDI features are used in configuration, log messages and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints," nvd.nist.gov states.

According to nvd.nist.gov, a hacker can gain control of those log messages or log parameters to then execute a code loaded from LDAP servers when message lookup substitution is enabled. Older versions (>2.10) can mitigate this by setting the system property "log4j2.formatMsgNoLookups" to "True", or by removing the JndiLookup class from the classpath.

Related Articles & Resources:

Detection of Log4Shell (CVE-2021-44228) using QRadar (ibm.com)

An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog

Log4j2 Vulnerability: How to Mitigate CVE-2021-44228 | CrowdStrike

Companies Respond to Log4Shell Vulnerability as Attacks Rise | SecurityWeek.Com

The Log4j security flaw could impact the entire internet. Here's what you should know - CNN

"Log4Shell": The Latest News, Updates, & Prevention Tips | CrowdStrike

Share This Posting