What is Apache Log4j vulnerability (CVE-2021-44228) and how it can impact you?
About the webinar
The recently identified vulnerability in Apache Log 4J 2 has impacted countless servers, putting widely used applications and cloud services at risk. Log4j2 is a ubiquitous library used by millions for Java applications. The vulnerability, when exploited, results in remote code execution on the vulnerable server with system-level privileges. As a result, it is rated at CVSS v3 score of 10.0.
In the PoC it has been highlighted that the vulnerability is extremely easy to exploit by submitting a specially crafted request to the vulnerable system, which in turn will instruct system to download and execute a malicious payload.
- Affected versions of Log4J – Apache Log4j 2.x <= 2.15.0-rc1
- Latest version available for upgrade – Apache Log4j 2.15.0-rc2 (released 06-12-2021)
Takeaways from the webinar:
- What is Apache Log4j vulnerability (CVE-2021-44228) and how it can impact you?
- List of affected systems/ software
- Availability of Patch
- Mitigation Approach and Steps
- How SISA can help secure your systems from CVE-2021-44228 vulnerability?
- Proof of Concept (POC)