CVE-2021-44228 – Log4J V2 Java Logging Library Zero Day Vulnerability

logo_edledge_circular

What is it?

Log4j is an open source Java Logging Library developed by Apache Foundation and is widely used in many applications by organizations. On Thursday 09-Dec-2021 a Zero-Day vulnerability CVE-2021-44228 was discovered in Java Logging Library Log4J version 2, which could result in the unauthenticated Remote Code Execution [REC] by logging a certain string. Since Log4j is widely used in many applications hence the vulnerability is a real threat of getting compromised. Vulnerability CVE-2021-44228 has been categorized as critical.

Affected Version

Almost all versions of Log4J version 2 is affected. Refer to the detail below.

2.0-beta9 <= Apache log4j <= 2.14.1

Impact

As mentioned above, the Java logging library Log4J is widely used in many applications and the ease of exploitation due to the vulnerability makes it highly risky and easy to exploit. Lots of more products are expected to be listed as vulnerable with time after investigation.

Mitigation

To mitigate the vulnerability, Java 8 (or later) users should upgrade to release 2.16.0 and Users requiring Java 7 should upgrade to release 2.12.2 (when it becomes available). Application based mitigation depends on the application hosting source. Almost all major application sources are either investigating their products if they are vulnerable OR they have already released the patch having the fix of the vulnerability. Patching the applications with a fixed version of the patch will mitigate the vulnerability.

We will discuss here the vulnerability updates and their mitigation of Cisco, Unifi, SonicWall and Dell.

1. Cisco Products

A few Cisco products/applications are listed as vulnerable by Cisco e.g. Cisco Finesse, Cisco CUCM, Cisco IM&P etc (as of now when writing this blog) and Cisco is continuously investigating their software/applications for the vulnerability. Few patches with fix to mitigate the vulnerably is already released and can be downloaded from the Cisco Download centre. Refer to the link to find the details of the affected products, products which are not affected and patch to mitigate this vulnerability.

Fix and update of Log4J security vulnerability (CVE-2021-44228) for Cisco Products
2. Unifi Products

A few Unifi application uses the Log4J so it is listed as vulnerable. Unifi has released a patch having the fix of this vulnerability. To mitigate the vulnerability, install the new patch in the Unifi system. Details can be found in the link attached below.

 Fix and update of Log4J security vulnerability (CVE-2021-44228) for Unifi Products
3. SonicWall Products

As per the latest update (as of now when writing this blog) SonicWall Gen5, Gen6 and Gen7 firewalls are not impacted by Log4J vulnerability but if you are using SonicWall Email Security then there is bad news because it is impacted by the vulnerability. A detailed update of SonicWall products can be found in the below link.

  Fix and update of Log4J security vulnerability (CVE-2021-44228) for SonicWall Products 
4. Dell Products

Like the other OEMs, few Dell products are also impacted and Dell has already released a fixed patch for the Log4J vulnerability mitigation. A detailed update of Dell products can be found in the below link.

Fix and update of Log4J security vulnerability (CVE-2021-44228) for DELL Products

Apply the patch provided by the application source to mitigate the vulnerability.

To get more news about such security issues, do not forget to see the articles in the News section of this website.

Note: All details of this article about the vulnerability have been updated till writing this article. There will be new updates and changes with time.

Source: InternetUbiquiti, Dell, Cisco, SonicWall

EA00091

Leave a Reply

Your email address will not be published.