A vulnerability in a widely used Apache library has caused developers to launch into a furor over the past week, but what impact does it have on your organization?
In a recent media appearance, Jen Easterly (Director of America’s Cybersecurity and Infrastructure Security Agency) noted that the vulnerability was “one of the most serious that I have seen in my entire career” and that federal officials fully expect sophisticated malicious actors to exploit it widely. It is assumed that the bug will have a broad impact, affecting hundreds of millions of devices across the globe.
For PreEmptive users, there is little to be concerned about; our tools are verified as being protected against this vulnerability. However, you might be impacted elsewhere in your development organization. Here is what you need to know about Log4J:
The affected program, Apache’s log4j, is a free and open-source logging library that a wide array of companies use. Logging libraries are implemented by engineers to record how programs run; they allow for code auditing and are a routine mechanism to investigate bugs and other functionality issues. Since log4j is free and widely trusted, companies large and small have been employing it for many tasks. So, the risk is pernicious and widespread.
The vulnerability, when exploited, can result in shell access to a server’s system. This poses considerable risk, and it is essential for teams to consider the severity of this vulnerability. Formally designated as CVE-2021-4428, the vulnerability carries a severity rating of 10/10, making it a highly risky bug. This issue is a zero-day remote code execution vulnerability, which means that it allows attackers to download and run scripts on targeted servers, leaving them open to remote control. It is also relatively simple to exploit; hackers do not have to use complex tools to cause significant issues.
Apache Log4j is a ubiquitous tool; most of the largest platforms across the internet are affected by this vulnerability, and there is an array of lists that show just how widespread the impact might be. At this point, it is difficult to gain a comprehensive understanding of the direct impact, but it includes popular websites: Apple, Twitter, Amazon, LinkedIn, Cloudflare, and more. These organizations are rapidly working on releasing patches to protect their users against it. Still, security teams and hackers learned of the vulnerability at the same time, so exploitation attempts are already underway and increasing exponentially. Since December 11th, there have already been over 800,000 attacks leveraging this exploit, and it is only likely to get worse. Since the vulnerable systems are critical assets such as servers, the threat level will likely continue to be severe for the short term, and it is essential that organizations take every step possible to mitigate risk.