What is the Apache Log4j Vulnerability?
The Log4j vulnerability allows threat actors to execute code remotely on a targeted computer.
What is Log4j?
Log4j is a Java library for logging error messages in applications.
What is Log4j used for?
Log4j is used in both consumer and enterprise services to log security and performance information. It is used in websites, applications, and operational technology products.
What versions of Apache’s Log4j are affected by the vulnerability?
Apache’s Log4j software library, versions 2.0-beta9 to 2.14.1, known as “Log4Shell” and “Logjam.”
How to protect against the Log4j vulnerability:
- Prioritize patching.
- Enumerate internet-facing endpoints that use Log4j*.
- Ensure your security operations center (SOC) is actioning alerts on these devices*.
- Install a web application firewall (WAF) with rules that automatically update so that your SOC is able to concentrate on fewer alerts*.
- Apply software updates as soon as they are available.
- If you suspect you have been affected by the Log4j vulnerability a compromise assessment will determine if threat actors have infected your enviroment.
- *Recommendations from CISA (https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance)