Zero Day Vulnerability in the Apache log4j
In early December 2021, a critical zero-day vulnerability in the Apache log4j utility was published. The exploit, known as log4shell, allows arbitrary code execution on affected systems, many of which are servers that form part of the internet’s larger infrastructure and core services.
For our customers concerned about the log4j vulnerability, we understand that the security of your ecosystem is crucial to your success, and that the mission-critical roles of those devices mean that any threat is a business-critical one. However, with many organizations already in the planning, remediation and/or monitoring phases, we believe that with the proper strategy and the right resources, remediation is quickly attainable.
The log4shell exploit leverages a vulnerability in the Java Naming and Directory Interface (JNDI) to perform remote lookups. If an application relies on web servers that are vulnerable to log4shell, it’s largely immaterial which operating system that application is running on, as the exploitation would occur on the server side, not on the client.
While it would require significant effort to create an application that uses log4j, you should still practice due diligence and check in with your internal development team and software vendors about their response to log4shell. If you are experiencing difficulties in contacting your software vendor’s representative, SQALogic can assist our customers in retrieving any information associated with their quality assurance, performance, and general testing software tools.
Here are some of our partners’ remediation recommendations, along with those of some well-known software industry vendors:
As part of our own investigation, SQALogic quickly identified a small number of vulnerable tools within organizations’ infrastructures and assisted those organizations in patching them.
We will continue to monitor the log4shell situation as it develops.