Apache Log4j, should you be concerned?

A vulnerability in a widely used Apache library has caused developers to launch into a furor over the past week, but what impact does it have on your organization?  

In a recent media appearance, Jen Easterly (Director of America’s Cybersecurity and Infrastructure Security Agency) noted that the vulnerability was “One of the most serious that I have seen in my entire career” and that federal officials fully expect the vulnerability to be widely exploited by sophisticated malicious actors. It is assumed that the bug will have a broad impact, affecting hundreds of millions of devices across the globe.

For PreEmptive users there is little to be concerned about: our tools are verified as being protected against this vulnerability. However, you might be impacted elsewhere in your development organization. Here is what you need to know about Log4j.

The affected program, Apache’s Log4j, is a free and open-source logging library that a wide array of companies use. Logging libraries are implemented by engineers to record how programs run; they allow for code auditing and are a routine mechanism to investigate bugs and other functionality issues. Since Log4j is free and widely trusted, companies large and small have been employing it for a multitude of tasks. So the risk is pernicious and widespread.

When exploited, the vulnerability can result in shell access to a server’s system. This poses considerable risk, and it is essential for teams to consider the severity of this vulnerability. Formally designated as CVE-2021-4428, the vulnerability carries a severity rating of 10/10, making it a highly risky bug. This issue is a zero-day remote code execution vulnerability, which means that it allows attackers to download and run scripts on targeted servers, leaving them open to remote control. It is also relatively simple to exploit: hackers do not have to use complex tools to cause significant issues.

Are you impacted?

Apache Log4j is a ubiquitous tool: most of the largest platforms across the internet are tied up with this vulnerability, and there is an array of lists that show just how widespread this impact might be. At this point it is difficult to gain a comprehensive understanding of the direct impact, but it includes popular websites: Apple, Twitter, Amazon, LinkedIn, Cloudflare and more. These organizations are rapidly working on releasing patches to protect their users against vulnerabilities, but the discovery of the vulnerability was simultaneous for security teams and hackers, so exploitation attempts are already under way and increasing exponentially. Since December 11th there have already been over 800,000 attacks leveraging this exploit, and it is only likely to get worse. Since the vulnerable systems are critical assets such as servers, it is likely that the threat level will continue to be severe for the short term, and it is essential that organizations take every step possible to mitigate risk.
