Log4j Vulnerability

Log4j vulnerability is a zero-day exploit that affects a large number of websites by utilizing the Apache log4j utility (CSV-2021-44228).

This vulnerability is actively been exploited in the wild and you must upgrade to latest version of apache 2.15.0 as soon as possible.

If upgrade is not possible, then you need to do the following to your log4j versions >=12.10 by setting the system property log4j.formatMsgNoLookups of the LOG4J_FORMAT_MSG_NO_LOOKUPS environmental variable to true.

 

Need help mitigate issue, let us know.

Categories:

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *