Information About Log4j Vulnerability Log4Shell

A security vulnerability in the Log4j CVE-2021-44228 library (called Log4shell) allows third parties to log in and perform remote commands. Failing to update the version may result in an interception by unauthorized persons.

 

This security gap is found worldwide, so it is recommended to check for possible signs of intrusion and update the system to the latest version.

 

Based on the results of performed additional security checks, DocLogix only uses these libraries with an additional plug-in that is not installed by default in each client’s system.

 

What to do if you suspect that malicious activity in your system?

 

  • Make sure the Log4j library version is up to 2.15.0
  • Versions from 2.10.0 onwards:
    • Change the setting
      • log4j2.formatMsgNoLookups = true
    • or variable
      • LOG4J_FORMAT_MSG_NO_LOOKUPS = true
  • Version 2.7 to 2.14.1:
    • Change message changer in all patterns: % m to % m {nolookups}
  • Version 2.0-beta9 to 2.10.0:
    • Remove JndiLookup class:
      • zip -q -d log4j-core – * .jar org / apache / logging / log4j / core / lookup / JndiLookup.class

 

Log4shell detector guide:

https://github.com/Neo23x0/log4shell-detector

Find more info here:

https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/

https://www.lunasec.io/docs/blog/log4j-zero-day/

https://logging.apache.org/log4j/2.x/security.html

 

 

If you have additional questions regarding the use of Log4j in the DocLogix system, please contact your key account manager or sales@doclogix.lt, info@doclogix.lt.

Comments
We use cookies to make browsing our webpages as convenient as possible. By clicking "I Accept" you agree to the cookie entry. Read more about cookies and how to refuse cookies in DocLogix Privacy Policy.