Mumazuva ekupedzisira pamambure pave nekutaura kwakawanda pamusoro pekusagadzikana kweLog4j umo mavector akasiyana-siyana ekurwisa akawanikwa uye mabasa akasiyana siyana akasefa zvakare kuitira kushandisa kusazvibata.
Hukuru hwenyaya iyi ndeyekuti iyi ndiyo yakakurumbira sisitimu yekuronga registry muJava application., iyo inobvumira kodhi kodhi kuti iitwe kana kukosha kwakanyatso kurongwa kuchinyorwa kune registry mufomati "{jndi: URL}". Kurwiswa kwacho kunogona kuitwa paJava maapplication ayo anogadzika kukosha anotorwa kubva kune ekunze masosi, semuenzaniso nekuratidza zvinonetsa maitiro mumhosho meseji.
Uye ndizvo izvozvo munhu anorwisa anoita chikumbiro cheHTTP pane inotangwa system, iyo inoburitsa logi uchishandisa Log4j 2 Iyo inoshandisa JNDI kuita chikumbiro kune inorwisa-inodzorwa saiti. Kusagadzikana kunobva kwakonzeresa maitiro akashandiswa kuti asvike pasaiti uye oita mubhadharo. Mukurwiswa kwakawanda kwakacherechedzwa, iyo parameter iri yeanorwisa iDNS yekunyoresa sisitimu, inoitirwa kunyoresa chikumbiro pasaiti kuona masisitimu ari munjodzi.
Sezvo mumwe wedu Isaac akatogovana:
Kusagadzikana uku kweLog4j kunobvumira kushandisa zvisirizvo kuisirwa kweiyo LDAP, zvichibvumira. kurekodha kuuraya (RCE), uye kukanganisa sevha (kuvanzika, kutendeseka kwedata uye kuwanikwa kwehurongwa). Pamusoro pezvo, dambudziko kana kukosha kwekusagadzikana uku kuri muhuwandu hwezvishandiso uye maseva anoishandisa, kusanganisira bhizinesi software uye makore masevhisi akadai seApple iCloud, Steam, kana yakakurumbira mitambo yemavhidhiyo seMinecraft: Java Edition, Twitter, Cloudflare, Tencent, ElasticSearch, Redis, Elastic Logstash, uye yakareba etc.
Kutaura pamusoro penyaya iyi, munguva pfupi yapfuura iyo Apache Software Foundation yakaburitswa kuburikidza chinyorwa pfupiso yemapurojekiti anogadzirisa kusagadzikana kwakanyanya muLog4j 2 iyo inobvumira kupokana kodhi kumhanya pane sevha.
Aya mapurojekiti anotevera eApache akanganiswa: Archiva, Druid, EventMesh, Flink, Fortress, Geode, Hive, JMeter, Jena, JSPWiki, OFBiz, Ozone, SkyWalking, Solr, Struts, TrafficControl, uye Calcite Avatica. Kusagadzikana kwakanganisawo zvigadzirwa zveGitHub, zvinosanganisira GitHub.com, GitHub Enterprise Cloud, uye GitHub Enterprise Server.
Mumazuva achangopfuura kwave kune kuwedzera kukuru chechiitiko chine chekuita nekushandiswa kwekusagadzikana. Semuyenzaniso, Check Point yakapinda yakatenderedza zana kuedza kuedza paminiti pamaseva ayo ekunyepedzera mukati pamusoro payo, uye Sophos akazivisa kuwanikwa kweiyo itsva cryptocurrency migodhi botnet, yakaumbwa kubva kumasisitimu ane husina kuvharwa muLog4j 2.
Nezve ruzivo rwakaburitswa nezve dambudziko:
- Kusagadzikana kwakasimbiswa mumifananidzo yakawanda yeDocker, kusanganisira couchbase, elasticsearch, flink, solr, dutu remifananidzo, nezvimwe.
- Kusagadzikana kuripo muMongoDB Atlas Search chigadzirwa.
- Dambudziko rinoonekwa mune akasiyana zvigadzirwa zveCisco, zvinosanganisira Cisco Webex Meetings Server, Cisco CX Cloud Agent, Cisco.
- Yepamberi Webhu Yekuchengetedza Kuzivisa, Cisco Firepower Kutyisidzira Kudzivirira (FTD), Cisco Identity Services Engine (ISE), Cisco CloudCenter, Cisco DNA Center, Cisco. BroadWorks, nezvimwewo.
- Dambudziko riripo muIBM WebSphere Application Server uye mune zvinotevera Red Hat zvigadzirwa: OpenShift, OpenShift Logging, OpenStack Platform, Integration Camel, CodeReady Studio, Data Grid, Fuse, uye AMQ Streams.
- Yakasimbiswa nyaya muJunos Space Network Management Platform, Northstar Controller / Planner, Paragon Insights / Pathfinder / Planner.
- Zvigadzirwa zvakawanda kubva Oracle, vmWare, Broadcom, uye Amazon zvinokanganiswawo.
Apache mapurojekiti asina kukanganiswa neiyo Log4j 2 njodzi: Apache Iceberg, Guacamole, Hadoop, Log4Net, Spark, Tomcat, ZooKeeper, uye CloudStack.
Vashandisi vemapakeji ane dambudziko vanorairwa kuti vamise nekukurumidza zvigadziriso zvakaburitswa kwavari, gadzirisai vhezheni yeLog4j 2 zvakasiyana kana kuti isa parameter Log4j2.formatMsgNoLookups kuti iite chokwadi (somuenzaniso, kuwedzera kiyi "-DLog4j2.formatMsgNoLookup = Chokwadi" pakutanga).
Kukiya iyo sisitimu iri panjodzi iyo isina mukana wakananga, zvakakurudzirwa kushandisa iyo Logout4Shell vaccine, iyo, kuburikidza nekomisheni yekurwisa, inofumura iyo Java set "log4j2.formatMsgNoLookups = chokwadi", "com.sun.jndi .rmi.object. trustURLCodebase = nhema "uye" com.sun.jndi.cosnaming.object.trustURLCodebase = nhema "kuvharidzira kumwe kuratidzwa kwekusagadzikana pamasisitimu asingadzoreki.