Apache Log4j - Log4Shell Vulnerability Update
e92plus
December 2021
by Neil Langridge
A vulnerability has been discovered that affects version of the Apache Log4j library, which is in use across many applications (both internal and web-facing) and so impacts many organisations. To find out more, please visit the NCSC blog at https://www.ncsc.gov.uk/news/apache-log4j-vulnerability.
At present, our vendor partners have made the following blogs/resources available to help customers using their solutions or looking to remediate:
https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability
https://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228
https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228
https://blog.cloudflare.com/actual-cve-2021-44228-payloads-captured-in-the-wild/
https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/
https://blog.cloudflare.com/log4j-cloudflare-logs-mitigation/
https://www.contrastsecurity.com/security-influencers/0-day-detection-of-log4j2-vulnerability
https://www.contrastsecurity.com/security-influencers/contrast-vs-the-log4j2-cve-a-demonstration
https://blog.checkpoint.com/2021/12/11/protecting-against-cve-2021-44228-apache-log4j2-versions-2-14-1/
https://success.trendmicro.com/solution/000289940
https://www.radware.com/security/threat-advisories-and-attack-reports/log4shell-critical-log4j-vulnerability/
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
https://www.vicarius.io/blog/vicarius-log4shell-what-you-need-to-know
https://blog.cymulate.com/log4shell-vulnerability
https://blog.cymulate.com/log4j-check-and-validate
https://cymulate.com/log4j-resilience-assessment?e92plus
This web-based tool can help identify server applications that may be affected by the Log4Shell (CVE-2021-44228) vulnerability:
https://log4j-tester.trendmicro.com/?linkId=144321740
https://support.forcepoint.com/s/article/Apache-log4j-Zero-Day-RCE-Vulnerability-CVE-2021-44228 (Requires login)
https://go.pingidentity.com/NjcxLU1HSi01NzAAAAGBRXWzCVWWpzXrx-3gfvE3jJAwb-FXhsMsa24Z6Tgm0gQY81mtK3WNJ2YxREI3ZKqCSEDPNM= (Requires login)
If you have any customers requesting immediate support, please contact the e92plus Technical Team on 020 8274 7000. We will also be updating this blog as the situation progresses.
At present, our vendor partners have made the following blogs/resources available to help customers using their solutions or looking to remediate:
https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability
https://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228
https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228
https://blog.cloudflare.com/actual-cve-2021-44228-payloads-captured-in-the-wild/
https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/
https://blog.cloudflare.com/log4j-cloudflare-logs-mitigation/
https://www.contrastsecurity.com/security-influencers/0-day-detection-of-log4j2-vulnerability
https://www.contrastsecurity.com/security-influencers/contrast-vs-the-log4j2-cve-a-demonstration
https://blog.checkpoint.com/2021/12/11/protecting-against-cve-2021-44228-apache-log4j2-versions-2-14-1/
https://success.trendmicro.com/solution/000289940
https://www.radware.com/security/threat-advisories-and-attack-reports/log4shell-critical-log4j-vulnerability/
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
https://www.vicarius.io/blog/vicarius-log4shell-what-you-need-to-know
https://blog.cymulate.com/log4shell-vulnerability
https://blog.cymulate.com/log4j-check-and-validate
https://cymulate.com/log4j-resilience-assessment?e92plus
This web-based tool can help identify server applications that may be affected by the Log4Shell (CVE-2021-44228) vulnerability:
https://log4j-tester.trendmicro.com/?linkId=144321740
https://support.forcepoint.com/s/article/Apache-log4j-Zero-Day-RCE-Vulnerability-CVE-2021-44228 (Requires login)
https://go.pingidentity.com/NjcxLU1HSi01NzAAAAGBRXWzCVWWpzXrx-3gfvE3jJAwb-FXhsMsa24Z6Tgm0gQY81mtK3WNJ2YxREI3ZKqCSEDPNM= (Requires login)
If you have any customers requesting immediate support, please contact the e92plus Technical Team on 020 8274 7000. We will also be updating this blog as the situation progresses.