| Rule General Information | |
|---|---|
| Release Date: | 2021-12-10 |
| Rule Name: | Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) |
| Severity: | |
| CVE ID: | |

| Rule Protection Details | |
|---|---|
| Description: | Apache Log4j2 is a Java-based logging tool. It is an upgrade of Log4j: compared with its predecessor, Log4j 1.x, it provides many of the optimizations available in Logback and fixes some problems in Logback's architecture. It is one of the best Java logging frameworks at present. The logging framework is widely used in business system development to record log information. Developers may write error information caused by user input to the log. Whenever data entered by an external user is logged, remote code execution can result. |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. |
| Affected OS: | Windows, Linux, Others |
| Reference: | https://github.com/apache/logging-log4j2/releases/tag/log4j-2.15.0-rc1 |

| Solutions |
|---|
| It is recommended that the user set "log4j2.formatMsgNoLookups=true", or set the JVM parameter "-Dlog4j2.formatMsgNoLookups=true", or set the system environment variable "FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS" to true. |