Log4j: the vulnerability that everyone talks about


Surely you have already read or seen something about it on social networks. Log4j is not a vulnerability itself, but the name of an open source library developed in Java (it has also been written in other languages such as Ruby, C, C++, Python, etc.) by the Apache Software Foundation. Thanks to it, software developers can implement transaction log messages at runtime at various levels of importance.

The vulnerability CVE-2021-44228, which was recently made public, affects Apache Log4j 2.x. It has been named Log4Shell or LogJam, and it was discovered on December 9 by a cybersecurity engineer who calls himself p0rz9 networking. This expert also published a repository on GitHub about this security hole.

This Log4j vulnerability allows an attacker to exploit incorrect input validation involving LDAP, which permits remote code execution (RCE) and compromises the server (confidentiality, data integrity and system availability). In addition, the importance of this vulnerability lies in the number of applications and servers that use the library, including business software and cloud services such as Apple iCloud, Steam, or popular video games such as Minecraft: Java Edition, Twitter, Cloudflare, Tencent, ElasticSearch, Redis, Elastic Logstash, and many more.

Given how easy it is to exploit and the critical systems that use the library, many cybercriminals are likely to exploit it to spread their ransomware. Others, meanwhile, are trying to come up with solutions, like Florian Roth of Nextron Systems, who has shared some YARA rules to detect attempts to exploit the Log4j vulnerability.

The Apache Foundation has also been quick to fix it, releasing a patch for this vulnerability. It is therefore vital that you update to Log4j version 2.15.0 now if you have an affected server or system. For more information on how to do so, you can visit this download link, which also has information about it.
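To find out whether a server needs that update, the following added example (not code from this article or from the Apache project) looks inside Java archives, including jars nested in fat jars and WARs, for copies of log4j-core and flags any 2.x version below 2.15.0. The function names are hypothetical, and it assumes each copy still carries the Maven `pom.properties` metadata that log4j-core jars are built with.

```python
import io
import re
import zipfile

# Fixed release named in the article; raise it if your vendor advises a later one.
FIXED = (2, 15, 0)
# Assumption: Maven metadata kept inside log4j-core, even if the jar file is renamed.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear")


def parse_version(text):
    """Turn '2.14.1' or '2.0-beta9' into a comparable tuple such as (2, 14, 1)."""
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])][:3]
    return tuple(nums + [0] * (3 - len(nums)))


def find_log4j(data, label, depth=0, max_depth=4):
    """Return [(location, version, needs_update)] for each log4j-core copy found."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not an archive, or corrupt: nothing to report
    with zf:
        for name in zf.namelist():
            if name.endswith(POM):
                props = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", props, re.M)
                if m:
                    ver = m.group(1).strip()
                    affected = (2, 0, 0) <= parse_version(ver) < FIXED
                    hits.append((label, ver, affected))
            elif name.lower().endswith(ARCHIVES) and depth < max_depth:
                # Fat jars and WARs bundle their dependencies as nested archives.
                hits += find_log4j(zf.read(name), f"{label}!/{name}", depth + 1, max_depth)
    return hits


def scan_file(path):
    """Scan one archive on disk."""
    with open(path, "rb") as fh:
        return find_log4j(fh.read(), path)


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:]:
        for where, ver, bad in scan_file(p):
            print(("UPDATE " if bad else "ok     ") + f"{ver}  {where}")
```

Run it with one or more archive paths as arguments; a copy whose metadata was stripped during repackaging will not be reported, so an empty result is not proof of absence.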

