CDNetworks Deployed New Rule for Customers to Mitigate Apache Log4j2 Vulnerability

Gartner Fourth Consecutive Year
CDNetworks Deployed New Rule for Customers to Mitigate Apache Log4j2 Vulnerability

Contents

Try CDNetworks For Free

Most of our products have a 14 day free trail. No credit card needed.

Share This Post

Apache Log4j’s remote code execution (RCE) vulnerability  (CVE-2021-44228) is being broadly exploited as of December 10, 2021, causing large scale intrusions. The vulnerability is extremely harmful that enables remote code executions on systems running vulnerable Log4j versions and allows the attacker full control of the affected server. It can easily affect the default configurations of several Apache frameworks, including Apache Struts2, Apache Solr, Apache Druid, Apache Flink and more.

Vulnerability Details:

We recommend that all users of Log4j 2.0 through 2.14.1 should update to version 2.15.0 as soon as possible. If you cannot update version as soon as possible, here are the temporary mitigation steps to help you urgently alleviate and keep you secure:

  • Limit outbound access as much as possible
  • Modify jvm parameter: -log4j2.formatMsgNoLookups = true
  • Modify the configuration: formatMsgNoLookups=True
  • System environment variables: set FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS to true

CDNetworks security team responded immediately to this high risk vulnerability, and deployed the new WAF rule 9930 for CDNetworks’ systems and products to mitigate the Zero Day CVE on Dec 10th.2021. Any customer who currently is using Application Shield(DDoS防护及Web应用防火墙) or Web Application Firewall will receive updates of new rule 9930 and enable Block Mode on CDNetworks’ portal to detect CVE-2021-44228 exploit attempts and mitigate this Zero Day CVE.

 

More To Explore