Log in
Register
Cyber Forum
More options
Toggle width
Share this page
Share this page
Share
Share
Cyber Forum
Log in
Register
More options
Toggle width
Share this page
Share this page
Share
Share
Menu
Install the app
Install
Home
CyberWeekly Podcast
Breaking News! Podcast
Cyber Risk Rating
Forums
New posts
Forum list
Trending
Leaderboards
News Feeds
Resources
Latest reviews
Sophos X-Ops Intelix
Threat Reports
Members
Current visitors
My.CompTIA
Help Documents
Preference Center
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Jonathan Braley" data-source="post: 2510" data-attributes="member: 77"><p>Update from IT-ISAC Operations Team</p><p></p><p>Apache released Log4j version 2.16.0 in a security update to address the CVE-2021-45046 vulnerability. A remote attacker can exploit this second Log4j vulnerability to cause a denial-of-service (DOS) condition in certain non-default configurations.</p><p></p><p><strong>Note</strong>: affected organizations that have already upgraded to Log4j 2.15.0 will need to upgrade to Log4j 2.16.0 to be protected against both CVE-2021-44228 and CVE-2021-45046.</p><p></p><p>Per reporting today, patch 2.16.0 appears to mitigate both vulnerabilities sufficiently. It is possible more bypasses and vulnerabilities could emerge as security researchers and cybercriminal continue to investigate. We will update as necessary.</p><p></p><p>Patching 1000's of devices one by one may not be feasible, especially after companies spent countless hours already upgrading to 2.15. So using tools to disable JDNI to LDAP so that they cannot be exploited remotely could be a beneficial effort. A combination of both may be a viable safeguard.</p><p></p><p>--</p><p></p><p><strong>Log4j Overview Scanning Software - TLP: WHITE</strong></p><p></p><p><a href="https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md" target="_blank">https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md</a></p><p></p><p>DISCLAIMER: We do not endorse any products or services. Please use these tools at your own risk. These have been provided by the UK’s NCSC.</p><p></p><p>--</p><p></p><p><strong>Known Vulnerable Products and Versions - TLP: WHITE</strong></p><ul> <li data-xf-list-type="ul"><strong><strong>NCSC Vulnerable product list - best in my opinion:</strong></strong><ul> <li data-xf-list-type="ul"><a href="https://github.com/NCSC-NL/log4shell/blob/main/software/README.md" target="_blank">https://github.com/NCSC-NL/log4shell/blob/main/software/README.md</a> </li> </ul></li> <li data-xf-list-type="ul">Vulnerable Products: <ul> <li data-xf-list-type="ul"><a href="https://github.com/YfryTchsGD/Log4jAttackSurface" target="_blank">https://github.com/YfryTchsGD/Log4jAttackSurface</a> </li> </ul></li> <li data-xf-list-type="ul">CISA list of vulnerable products: <ul> <li data-xf-list-type="ul"><a href="https://github.com/cisagov/log4j-affected-db" target="_blank">https://github.com/cisagov/log4j-affected-db</a></li> </ul></li> </ul></blockquote><p></p>
[QUOTE="Jonathan Braley, post: 2510, member: 77"] Update from IT-ISAC Operations Team Apache released Log4j version 2.16.0 in a security update to address the CVE-2021-45046 vulnerability. A remote attacker can exploit this second Log4j vulnerability to cause a denial-of-service (DOS) condition in certain non-default configurations. [B]Note[/B]: affected organizations that have already upgraded to Log4j 2.15.0 will need to upgrade to Log4j 2.16.0 to be protected against both CVE-2021-44228 and CVE-2021-45046. Per reporting today, patch 2.16.0 appears to mitigate both vulnerabilities sufficiently. It is possible more bypasses and vulnerabilities could emerge as security researchers and cybercriminal continue to investigate. We will update as necessary. Patching 1000's of devices one by one may not be feasible, especially after companies spent countless hours already upgrading to 2.15. So using tools to disable JDNI to LDAP so that they cannot be exploited remotely could be a beneficial effort. A combination of both may be a viable safeguard. -- [B]Log4j Overview Scanning Software - TLP: WHITE[/B] [URL]https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md[/URL] DISCLAIMER: We do not endorse any products or services. Please use these tools at your own risk. These have been provided by the UK’s NCSC. -- [B]Known Vulnerable Products and Versions - TLP: WHITE[/B] [LIST] [*][B][B]NCSC Vulnerable product list - best in my opinion:[/B][/B] [LIST] [*][URL]https://github.com/NCSC-NL/log4shell/blob/main/software/README.md[/URL] [/LIST] [*]Vulnerable Products: [LIST] [*][URL]https://github.com/YfryTchsGD/Log4jAttackSurface[/URL] [/LIST] [*]CISA list of vulnerable products: [LIST] [*][URL]https://github.com/cisagov/log4j-affected-db[/URL] [/LIST] [/LIST] [/QUOTE]
Name
Verification
Post reply
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
Top
Bottom
Home
Forums
Threat Reports
My.CompTIA
Menu