Cách sửa lỗi bảo mật Log4j nếu bạn không thể Update lên 2.15.0

Các nhà nghiên cứu đã phát hiện ra một lỗ hổng nghiêm trọng trong thư viện Apache Log4j, có điểm 10/10 trong CVSS. Dưới đây là bài phân tích và hướng dẫn bạn bảo vệ máy chủ.

Nhiều hãng tin tức bảo mật đã đưa tin về việc phát hiện ra lỗ hổng nghiêm trọng CVE-2021-44228 trong thư viện Apache Log4j (mức độ nghiêm trọng CVSS 10/10). Hàng triệu ứng dụng Java sử dụng thư viện này để ghi lại các thông báo lỗi. Để làm cho vấn đề tồi tệ hơn, những kẻ tấn công đã tích cực khai thác lỗ hổng này. Vì lý do này, Apache Foundation khuyến nghị tất cả các nhà phát triển cập nhật thư viện lên phiên bản 2.15.0 và nếu không được, hãy sử dụng một trong các phương pháp tại đây.

Tại sao CVE-2021-44228 lại nguy hiểm đến vậy

CVE-2021-44228, còn được đặt tên là Log4Shell hoặc LogJam, là một lỗ hổng trong lớp Remote Code Execution (RCE). Nếu những kẻ tấn công khai thác nó trên các máy chủ, chúng sẽ có thể thực thi code tùy ý và có khả năng kiểm soát toàn bộ hệ thống.

Điều khiến CVE-2021-44228 trở nên đặc biệt nguy hiểm là tính dễ bị khai thác: ngay cả một hacker thiếu kinh nghiệm cũng có thể thực hiện thành công một cuộc tấn công bằng cách sử dụng lỗ hổng này. Theo các nhà nghiên cứu, những kẻ tấn công chỉ cần buộc ứng dụng chỉ ghi một chuỗi vào nhật ký và sau đó chúng có thể tải code của chính mình lên ứng dụng nhờ chức năng thay thế tra cứu tin nhắn.

Cách bài viết hướng dẫn tấn công Proofs of Concept (PoC) thông qua CVE-2021-44228 đều đã có sẵn trên Internet. Do đó, không có gì ngạc nhiên khi các công ty an ninh mạng đã thực hiện các đợt quét mạng khổng lồ để tìm các ứng dụng dễ bị tấn công cũng như các cuộc tấn công vào honeypots.

Lỗ hổng này được phát hiện bởi Chen Zhaojun thuộc Đội bảo mật đám mây của Alibaba.

Apache Log4J là gì và tại sao thư viện này lại phổ biến như vậy?

Apache Log4j là một phần của Dự án Apache Logging. Nhìn chung, việc sử dụng thư viện này là một trong những cách dễ nhất để ghi lại lỗi và đó là lý do tại sao hầu hết các nhà phát triển Java sử dụng nó.

Nhiều công ty phần mềm lớn và dịch vụ trực tuyến sử dụng thư viện Log4j, bao gồm Amazon, Apple iCloud, Cisco, Cloudflare, ElasticSearch, Red Hat, Steam, Tesla, Twitter,… Do thư viện này quá phổ biến, nên một số nhà nghiên cứu bảo mật thông tin dự kiến ​​sẽ các cuộc tấn công vào các máy chủ dễ bị tấn công sẽ gia tăng đáng kể  trong những ngày tới.

#Log4Shell pic.twitter.com/1bKDwRQBqt

— Florian Roth (@cyb3rops) December 10, 2021

Phiên bản nào của thư viện Log4j dễ bị tấn công và cách để bạn bảo vệ Server?

Hầu như tất cả các phiên bản của Log4j đều dễ bị tấn công, bắt đầu từ 2.0-beta9 đến 2.14.1. Phương pháp bảo vệ đơn giản và hiệu quả nhất là cài đặt phiên bản mới nhất của thư viện, 2.15.0. Bạn có thể tải xuống trên trang dự án.

Nếu vì lý do nào đó mà việc cập nhật thư viện không thể thực hiện được, Apache Foundation khuyên bạn nên sử dụng một trong các phương pháp giảm thiểu sau. Trong trường hợp các phiên bản Log4J từ 2.10 đến 2.14.1, họ khuyên bạn nên đặt thuộc tính hệ thống log4j2.formatMsgNoLookups hoặc đặt biến môi trường LOG4J_FORMAT_MSG_NO_LOOKUPS thành true.

Để bảo vệ các bản phát hành trước đó của Log4j (từ 2.0-beta9 đến 2.10.0), các nhà phát triển thư viện khuyên bạn nên xóa class JndiLookup khỏi classpath: zip -q -d log4j-core – *. Jar org / apache / logging / log4j / core / lookup / JndiLookup .class.

Ngoài ra, bạn cũng nên xem những phương pháp bảo mật này để bảo vệ bản thân tốt hơn.

Danh sách các hãng bị ảnh hưởng bởi lỗ hổng Log4j

A

Akamai : https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability

Apache Druid : https://github.com/apache/druid/pull/12051

Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html

Apache Guacamole https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-1474?filter=allissues

Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html

Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv

Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228

Apache Struts : https://struts.apache.org/announce-2021#a20211212-2

Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/

Apigee : https://status.apigee.com/incidents/3cgzb0q2r10p

Appdynamics : https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability

APPSHEET : https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976

Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4

Ariba : https://connectsupport.ariba.com/sites#announcements-display&/Event/908469

Arista : https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070

ArrayNetworks : https://twitter.com/ArraySupport/status/1470141638571745282

Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html

Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10

Avantra SYSLINK : https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability

Avaya : https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609

AVM UNOFICIAl : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993316

AWS New : https://aws.amazon.com/security/security-bulletins/AWS-2021-006/

AWS OLD: https://aws.amazon.com/security/security-bulletins/AWS-2021-005/

AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310

B

BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838

BeyondTrust Bomgar : https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542

BigBlueButton : https://github.com/bigbluebutton/bigbluebutton/issues/13897#issuecomment-991652632

BitDefender : https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability

BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/

BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability

Boomi DELL : https://community.boomi.com/s/question/0D56S00009UQkx4SAD/is-boomi-installation-moleculegateway-protected-from-cve202144228-log4j

Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793

Broadcom Automic Automation : https://knowledge.broadcom.com/external/article?articleId=230308

C

Camunda : https://forum.camunda.org/t/cve-2021-44228-log4j-2-exploit/31871/4

CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134

Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability

ChaserSystems : https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected

CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS

Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

Citrix : https://support.citrix.com/article/CTX335705

CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/

Cloudian HyperStore : https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228

CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/

Code42 : https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents

CommVault https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985?postid=11745#post11745

ConcreteCMS.com : https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit

Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1

ConnectWise : https://www.connectwise.com/company/trust/advisories

ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548

ControlUp : https://status.controlup.com/incidents/qqyvh7b1dz8k

Coralogix : https://twitter.com/Coralogix/status/1469713430659559425

CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402

CryptShare : https://www.cryptshare.com/en/support/cryptshare-support/#c67572

CyberArk : https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228

Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228

D

Dataminer : https://community.dataminer.services/responding-to-log4shell-vulnerability/

Datto : https://www.datto.com/blog/dattos-response-to-log4shell

Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228

Dell : https://www.dell.com/support/kbdoc/fr-fr/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability

DELL : https://www.dell.com/support/kbdoc/en-uk/000194416/additional-information-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228

Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/

Docusign : https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability

dCache.org : https://www.dcache.org/post/log4j-vulnerability/

DCM4CHE.org : https://github.com/dcm4che/dcm4che/issues/1050

DRAW.IO : https://twitter.com/drawio/status/1470061320066277382

DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359

DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282

E

Eclipse Foundation : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992521

EHRBase : https://github.com/ehrbase/ehrbase/issues/700

Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

ESET : https://forum.eset.com/topic/30691-log4j-vulnerability/?do=findComment&comment=143745

ESRI : https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/

EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2

Extreme Networks : https://extremeportal.force.com/ExtrArticleDetail?an=000100806

F

F5 Networks : https://support.f5.com/csp/article/K19026212

F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd

Fastly : https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager

Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228

ForgeRock : https://backstage.forgerock.com/knowledge/kb/book/b21824339

Fortinet : https://www.fortiguard.com/psirt/FG-IR-21-245

FTAPI : https://docs.ftapi.com/display/RN/4.12.2

FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/

G

Gearset : https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021

Genesys : https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability

Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning

GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q

GoAnywhere : https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps

Google Cloud Global Products coverage : https://cloud.google.com/log4j2-security-advisory

Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability

GrayLog : https://www.graylog.org/post/graylog-update-for-log4j

GratWiFi WARNING I can’t confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785

GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939

Guidewire : https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products

H

HackerOne : https://twitter.com/jobertabma/status/1469490881854013444

HCL Software : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486

Hewlett Packard Enterprise HPE : https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us

Hitachi Vantara : https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2

HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464

Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en

I

I2P : https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228

IBM : https://www.ibm.com/support/pages/node/6525548

Ignite Realtime : https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108

IManage : https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e

Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/

Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day

Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update

Ironnet : https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability

Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US

J

JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740

JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552

Jenkins : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/

JetBrains Teamcity : https://youtrack.jetbrains.com/issue/TW-74298

JFROG : https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/

Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md

K

Kafka Connect CosmosDB : https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md

Kaseya : https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment

Keycloak : https://github.com/keycloak/keycloak/discussions/9078

KEMP : https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit

Komoot Photon : https://github.com/komoot/photon/issues/620

L

Leanix : https://www.leanix.net/en/blog/log4j-vulnerability-log4shell

LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914

Lightbend : https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275

LiquidFiles : https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D

LogRhythm CISO email I can’t confirmed : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992599

M

Macchina io : https://twitter.com/macchina_io/status/1469611606569099269

MailCow : https://github.com/mailcow/mailcow-dockerized/issues/4375

ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus

ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/log4j-security-issue

Mattermost FocalBoard : https://forum.mattermost.org/t/log4j-vulnerability-concern/12676

McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091

Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37

Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Minecraft : https://www.minecraft.net/en-us/article/important-message–security-vulnerability-java-edition

MISP : https://twitter.com/MISPProject/status/1470051242038673412

MoogSoft : https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228

Mulesoft : https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021

N

N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability

NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala

NEO4J : https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856

NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/

Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits

NextGen Healthcare Mirth : https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526

Newrelic : https://discuss.newrelic.com/t/log4j-zero-day-vulnerability-and-the-new-relic-java-agent/170322

Nutanix : https://download.nutanix.com/alerts/Security_Advisory_0023.pdf

O

Okta : https://sec.okta.com/articles/2021/12/log4shell

Opengear : https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected

OpenHab : https://github.com/openhab/openhab-distro/pull/1343

OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/

OpenMRS TALK : https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341

OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950

Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html

OxygenXML : https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html

P

Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228

PaperCut : https://www.papercut.com/support/known-issues/#PO-684

Parse.ly : https://blog.parse.ly/parse-ly-log4shell/

Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability

Phenix Id : https://support.phenixid.se/uncategorized/log4j-fix/

PingIdentity : https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228

Plesk : https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache

Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116

Progress / IpSwitch : https://www.progress.com/security

ProofPoint : https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2

PTV Group : https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information

Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR

Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/

Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)

Q

Qlik : https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368

Quest KACE : https://support.quest.com/kace-systems-management-appliance/kb/335869/is-the-kace-sma-affected-by-cve-2021-44228

R

Radware : https://support.radware.com/app/answers/answer_view/a_id/1029752

Red5Pro : https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/

RedHat : https://access.redhat.com/security/cve/cve-2021-44228

Revenera / Flexera : https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905

Riverbed : https://supportkb.riverbed.com/support/index?page=content&id=S35645

Roset.com : https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability

RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/

RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Rubrik : https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK

S

SAFE FME Server : https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j

SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681

Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1

SAP BusinessObjects : https://launchpad.support.sap.com/#/notes/3129956

SAP Global coverage : https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf

SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html

SDL worldServer : https://gateway.sdl.com/apex/communityknowledge?articleName=000017707

Seafile : https://forum.seafile.com/t/urgent-zero-day-exploit-in-log4j/15575

Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html

ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959

Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791

Shibboleth : http://shibboleth.net/pipermail/announce/2021-December/000253.html

Siemens : https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Signald : https://gitlab.com/signald/signald/-/issues/259

Skillable : https://skillable.com/log4shell/

SLF4J : http://slf4j.org/log4shell.html

SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228

Software AG : https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849

SolarWinds : https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228

SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721

Sonatype : https://blog.sonatype.com/a-new-0-day-log4j-vulnerability-discovered-in-the-wild

SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032

Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce

Splunk : https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html

Spring Boot : https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot

SumoLogic : https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12

SUSE : https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/

Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544

Sweepwidget : https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032

Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10

Synopsys : https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228

SysAid : https://www.sysaid.com/lp/important-update-regarding-apache-log4j

Sysdig : https://sysdig.com/blog/cve-critical-vulnerability-log4j/

T

Talend : https://jira.talendforge.org/browse/TCOMP-2054

TealiumIQ : https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824

Threema UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993316

TrendMicro : https://success.trendmicro.com/solution/000289940

Tricentis Tosca : https://support-hub.tricentis.com/open?number=NEW0001148&id=post

U

Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1

Ubuntu : https://ubuntu.com/security/CVE-2021-44228

USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability

V

VArmour : https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility

Varonis : https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228

Veritas NetBackup : https://www.veritas.com/content/support/en_US/article.100052058

Veeam : https://www.veeam.com/kb4254

Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md

VMware : https://www.vmware.com/security/advisories/VMSA-2021-0028.html

W

Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/

WatchGuard / Secplicity / https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/

WildFlyAS : https://twitter.com/WildFlyAS/status/1469362190536818688

WitFoo : https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/

Wodby Cloud : https://twitter.com/wodbycloud/status/1470125735914450950

Wowza : https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve

WSO2 : https://github.com/wso2/security-tools/pull/169

X

XCP-ng : https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact

Y

Yandex-Cloud : https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021–cve-2021-44228–%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j

Z

ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256

Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/

Zerto : https://help.zerto.com/kb/000004822

Zesty : https://www.zesty.io/mindshare/company-announcements/log4j-exploit/

Zimbra : https://forums.zimbra.org/viewtopic.php?f=15&t=70240

ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021