This is especially true for software you are running on internet-facing systems but should not be limited to such systems due to the lateral attack threat posed by the severity of this vulnerability. Seek mitigation countermeasures or patches from either open -source software project maintainers or commercial software manufacturers for all affected systems. Review your software supply chain and software bill of materials. Then, either immediately upgrade these deployments to Log4j version 2.17.1 (Updated recommendation January 6th 2021 as 2.17 has now been reported by Apache as susceptible to a Denial of Service attack) and deploy the configuration mitigations recommended by Apache, more details in this article. Conduct an extensive infrastructure and software application audit to identify all systems that implement the Apache Log4j2 logging framework.We also recommend the following course of action: Ways to Mitigate the Risk to Your Infrastructureīitdefender strongly advises its customers to take immediate action and deploy all existing patches and mitigations recommended in industry vendor advisories. It is important to note this vulnerability is easy to exploit and applications using the affected Log4j2 versions are subject to an extensive attack surface. Likely, this vulnerability will linger in computing infrastructures for an extensive period of time due to the widespread use of the Log4j2 logging framework. The CVE-2021-44228 vulnerability has been assigned the highest possible risk score (CVSS 10) due to its exploitation impact (ability to remotely execute code on targeted hosts). ( CVE-2021-44228, the focus of this post was fixed by 2.15, however, CVE-2021-45046 required a fix made in 2.16 and CVE-2021-45105 a fix made in 2.17.)īitdefender is already seeing and monitoring several malicious actors running active exploitation campaigns. The vulnerability together with two other subsequent vulnerabilities affect versions 2.0 through 2.17.0 version 2.17.1 is not vulnerable. On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score) – affecting Apache Log4j2, a Java-based logging framework widely used in commercial and open-source software products.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |