Since early December 2021, the Log4j security vulnerability has been a topic of discussion worldwide. The expert team at Dr. Wallner Engineering GmbH has also received many inquiries from you on this subject and would like to summarize it for you once again.
What exactly is Log4j?
Log4j is an open-source Java logging library. It is used as a standard component in many Java-based programs to record, for example, user login data or error messages.
What makes Log4j so dangerous?
Log4j itself is not a threat. However, it contains a vulnerability: rather than simply recording log entries, the library evaluates them and attempts to interpret expressions contained in them. This can be exploited to execute program code remotely on the target system or to access sensitive data.
Which versions are affected?
Almost all Log4j 2.x versions are affected; the older 1.x versions are not affected by this vulnerability. Version 2.17 is currently considered fixed, and upgrading to this or a later version is recommended.
What measures should be implemented?
In the meantime, a tool that automatically carries out the recommended measures has proven its worth. It is called Logpresso and is available at the following link. The way it works is simple:
- A predefined path is scanned for log4j files
- The log4j files found are checked for the vulnerability
- Any vulnerabilities found are rectified immediately
- Log files are written listing the cleaned files, including their storage paths
You can find more detailed information on how the tool works on GitHub.
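As an added illustration of the first two steps above (scanning a path for log4j files and checking them for the vulnerability), the following Python script is not part of the Logpresso tool or of this article. It walks a directory for log4j-core jars, reads the version from the embedded Maven pom.properties, and flags any jar below 2.17.0 that still contains the JndiLookup class; the jar written by make_sample_jar is a constructed stand-in for offline testing, not a real log4j build.

```python
import zipfile
from pathlib import Path

# Paths inside a log4j-core jar: Maven metadata and the JNDI lookup class
# whose handling of lookup expressions in logged messages is the Log4Shell code path.
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
FIXED_VERSION = (2, 17, 0)  # version the article names as fixed


def parse_version(props_text):
    """Read the 'version=' line of pom.properties into an int tuple."""
    for line in props_text.splitlines():
        if line.startswith("version="):
            parts = line.split("=", 1)[1].strip().split(".")
            return tuple(int(p) for p in parts[:3] if p.isdigit())
    return None


def inspect_jar(jar_path):
    """Return a finding for a log4j-core jar, or None for any other jar."""
    with zipfile.ZipFile(jar_path) as zf:
        names = set(zf.namelist())
        if POM_PROPS not in names:
            return None
        version = parse_version(zf.read(POM_PROPS).decode("utf-8", "replace"))
    has_jndi = JNDI_CLASS in names
    # An unreadable version together with a present JndiLookup class is treated as vulnerable.
    vulnerable = has_jndi and (version is None or version < FIXED_VERSION)
    return {"path": str(jar_path), "version": version,
            "jndi_lookup_present": has_jndi, "vulnerable": vulnerable}


def scan_tree(root):
    """Find every .jar below root and inspect each one; returns a list of findings."""
    findings = []
    for jar in sorted(Path(root).rglob("*.jar")):
        result = inspect_jar(jar)
        if result is not None:
            findings.append(result)
    return findings


def make_sample_jar(path, version, include_jndi=True):
    """Constructed stand-in jar for offline testing; not a real log4j build."""
    Path(path).parent.mkdir(parents=True, exist_ok=True)
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr(POM_PROPS, f"artifactId=log4j-core\nversion={version}\n")
        if include_jndi:
            zf.writestr(JNDI_CLASS, b"\xca\xfe\xba\xbe")  # fake class-file header bytes
```

Findings marked vulnerable are the jars a tool like Logpresso would go on to clean; the script only reports them.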
Sources: LunaSec, GitHub & eGovernment