Seit Anfang Dezember 2021 ist die Sicherheitslücke Log4j weltweit Gesprächsthema. Das Expertenteam der Dr. Wallner Engineering GmbH haben ebenfalls viele Anfragen von Ihnen zu diesem Thema erhalten und möchten noch einmal für Sie zusammenfassen.
What exactly is Log4j?
Log4j wird die Java Bibliothek genannt, die als Open Source Software genutzt wird. Diese Software wird in vielen Java basierten Programmen als Standard verwendet, um beispielsweise die Anmeldedaten von Benutzenden oder Fehlermeldungen zu dokumentieren.
What makes Log4j so dangerous?
Log4j itself is not a threat. However, it does contain a vulnerability that evaluates and attempts to interpret entries that have already been documented. This vulnerability can be exploited to remotely execute program code on the target system or to access sensitive data.
Which versions are affected?
Almost all Log4J versions from 2.x are affected. Older versions 1.x are not affected by this vulnerability. Version 2.17 is currently considered fixed. It is recommended to upgrade to this or a higher version.
What measures should be implemented?
In the meantime, a tool that automatically carries out recommended measures has proven its worth. This tool is called Logpresso and is available at following link available. The way it works is simple:
- A previously defined path is scanned for log4j files
- The log4j files found are scanned for the vulnerability
- Any vulnerabilities found are rectified immediately
- Log files are written in which the cleaned files are listed including the storage path
You can find more detailed information on how the tool works at Github.
Sources:LunaSec, Github & eGovernment