Log4j RCE- CVE-2021-44228
Oracle issued a security alert advisory that addresses CVE-2021-44228, a recently discovered remote code execution vulnerability found in Apache Log4j. Malicious adversaries can exploit the vulnerability remotely without requiring authentication.
The Apache Log4j permits developers to log different data types within an application. The logged data is generated from user inputs. If the information consists of special characters and is logged within Apache Log4j, attackers can use the Java lookup method to execute a user-defined Java class remotely. Executing the Java class in the LDAP server results in remote code execution on the victim server.
The high-severity vulnerability impacts different Apache Log4j versions. Specifically, the vulnerability affects Apache Log4j 2 versions 2.0 to 2.14.1, and there are additional reports that it may also affect some 1.x series when using the JMS Appender class.
Since enterprise Java software depends on Log4j 2 library highly, it is hard to quantify the possible impacts once attackers exploit the vulnerability. As a result, there is a possibility that more vulnerable products will be discovered in the coming days. For example, ransomware attackers may leverage the vulnerability due to its applicability and ease of exploitation.
As a mitigation measure, it is recommended to update to a patched Apache Log4j version as soon as possible. However, all companies should assess and review security logs to detect unusual activities and impacted applications.
How Cynergy can help
The Cynergy solution discovers all assets deployed in your organization continuously. These include leaked employee data, publicly exposed interfaces, websites, and subdomains. More importantly, Cynergy helps you verify that all code developments and deployments are free of any vulnerabilities.
Through active exploitation, Cynergy can reveal vulnerabilities, that require immediate addressing. Cynergy builds a prioritized action plan based on the detected vulnerabilities that you can implement directly on the Cynergy platform.
Request a Live Demo
Want to enhance your cybersecurity operations?
Are you looking for your first cybersecurity expert?
Want to gain visibility for your exposed assets?
You can request a live demo by scheduling date and time on our available hours: