Log4j Zero Day Vulnerability

A new zero-day vulnerability has been discovered in the Java logging library Log4j, which is widely used in many applications.

Attackers who exploit this zero-day vulnerability can gain full control over affected systems. The vulnerability, tracked in the NVD database as CVE-2021-44228, allows remote code execution. It has been evaluated by NIST and its CVSS 3.1 score has been determined to be 10.0.

Affected Systems

All versions of the Log4j library between 2.0.1 and 2.14.1 are affected, which includes many services and applications written in Java.
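To find which deployed archives bundle a version in this range, the following added example (not part of the original advisory) reads the Maven metadata inside each JAR and descends into nested archives such as fat JARs. It assumes the log4j-core copy still carries its `pom.properties` file; the function names are illustrative.

```python
import io
import re
import sys
import zipfile

# Range as stated in this advisory; adjust if your vendor guidance differs.
AFFECTED_MIN = (2, 0, 1)
AFFECTED_MAX = (2, 14, 1)
# Maven metadata entry normally shipped inside log4j-core (assumed present).
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
NESTED = (".jar", ".war", ".ear")

def parse_version(text):
    """Return (major, minor, patch), or None if the string is not a version."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    return tuple(int(g or 0) for g in m.groups()) if m else None

def is_affected(version):
    """True/False for a parseable version, None when it needs manual review.
    Suffixes such as -rc1 are ignored, which is an approximation."""
    v = parse_version(version)
    return None if v is None else AFFECTED_MIN <= v <= AFFECTED_MAX

def scan_archive(data, name="<archive>", depth=0, max_depth=5):
    """Return [(path, version, affected)] for each log4j-core copy found in
    the archive bytes, including copies inside nested archives."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # unreadable archive: skip it, keep scanning others
    with zf:
        for info in zf.infolist():
            if info.filename == POM_PROPS:
                props = zf.read(info).decode("utf-8", "replace")
                m = re.search(r"^version\s*=\s*(\S+)", props, re.MULTILINE)
                version = m.group(1) if m else "unknown"
                findings.append((name, version, is_affected(version)))
            elif info.filename.lower().endswith(NESTED) and depth < max_depth:
                findings += scan_archive(zf.read(info),
                                         f"{name}!/{info.filename}",
                                         depth + 1, max_depth)
    return findings

if __name__ == "__main__":
    # Usage: python scan_log4j.py app.jar other.war
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for finding in scan_archive(fh.read(), path):
                print(finding)
```

A copy whose metadata was stripped during repackaging is not reported, so an empty result does not prove the library is absent.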

IoCs

Log4j IoCs: Download Excel

Recommended Solution(s)

It is urgently recommended to upgrade Log4j to log4j-2.15.0-rc1 to prevent exploitation of this vulnerability.

To mitigate the effects of the vulnerability, it is recommended to follow the steps prepared by our technical team for Imperva WAF, F5 WAF and McAfee IPS.

| Security Warning | Recommended Solution(s) | ZIP |
| --- | --- | --- |
| CVE-2021-44228 | F5 WAF (View PDF) | |
| CVE-2021-44228 | Imperva WAF (View PDF) | |
| CVE-2021-44228 | McAfee IPS (View PDF) | Download ZIP |

CVE / CWE

CVE-2021-44228

Related Website(s)

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.