Several weeks ago, a remote code execution vulnerability was identified in the Apache Log4j 2 library. This vulnerability spans versions 2.0-beta7 to 2.17.0, with the exception of the intermediate releases 2.3.2 and 2.12.4. The vulnerability may be addressed by updating the module to version 2.17.1 or newer.
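To make that version range actionable, the following added example (not code from the original post or from the Log4j project) parses Log4j 2 version strings, including pre-release tags such as 2.0-beta7, applies the range and exclusions stated above, and triages a constructed software inventory; hostnames and the inventory format are assumptions for the demo.

```python
import re

# Affected range as stated in the advisory above: 2.0-beta7 through 2.17.0,
# excluding the backported fix releases 2.3.2 and 2.12.4; fixed in 2.17.1.
AFFECTED_LOW = "2.0-beta7"
AFFECTED_HIGH = "2.17.0"
PATCHED_BRANCH_RELEASES = {"2.3.2", "2.12.4"}
FIXED_VERSION = "2.17.1"
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)(\d+))?$", re.I)

def parse_version(text: str) -> tuple[int, int, int, int, int]:
    """Turn a version like '2.0-beta7' into a comparable tuple.
    Pre-releases sort before the final release of the same number:
    (major, minor, patch, stage_rank, stage_number), stage_rank 3 = final."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Log4j version string: {text!r}")
    major, minor, patch, stage, stage_num = m.groups()
    stage_rank = {"alpha": 0, "beta": 1, "rc": 2}.get((stage or "").lower(), 3)
    return (int(major), int(minor), int(patch or 0), stage_rank, int(stage_num or 0))

def is_affected(version: str) -> bool:
    """True when the version falls inside the range the advisory names."""
    if version.strip() in PATCHED_BRANCH_RELEASES:
        return False
    v = parse_version(version)
    return parse_version(AFFECTED_LOW) <= v <= parse_version(AFFECTED_HIGH)

def triage_inventory(lines: list[str]) -> list[tuple[str, str, str]]:
    """Read 'host,version' inventory lines and say which hosts need the update."""
    findings = []
    for line in lines:
        host, version = (part.strip() for part in line.split(",", 1))
        try:
            verdict = f"update to {FIXED_VERSION}" if is_affected(version) else "not in affected range"
        except ValueError:
            verdict = "unparseable"
        findings.append((host, version, verdict))
    return findings

# Constructed sample inventory: hostnames and versions are made up for the demo.
SAMPLE_INVENTORY = [
    "app-01,2.14.1", "app-02,2.17.1", "legacy-03,2.3.2", "legacy-04,2.3.1",
    "build-05,2.0-beta7", "build-06,2.0-beta6", "odd-07,1.2.17",
]

if __name__ == "__main__":
    for host, version, verdict in triage_inventory(SAMPLE_INVENTORY):
        print(f"{host:10} {version:10} {verdict}")
```

Log4j 1.x versions fall outside the stated range and are reported as such; they are end-of-life and need separate handling.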

For the CVE related to this vulnerability, please see the following link: https://nvd.nist.gov/vuln/detail/CVE-2021-44832
The United States Cybersecurity and Infrastructure Security Agency (CISA) released the following statement regarding the vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2021-44832
The Log4j library is an open-source Java logging library maintained by the Apache Software Foundation. There are potentially millions of instances of this library across internet-connected devices, as it is very popular open-source software. The remote code execution vulnerability can be exploited by submitting a specially formatted string that looks like any other log message to the Log4j module. Once the module logs that string, the attacker gains the ability to execute code remotely. Splunk provided a useful dashboard of information pertaining to this vulnerability: https://www.splunk.com/en_us/cyber-security/log4shell-log4j-response-overview.html
For a much more detailed description of this vulnerability, how it may be exploited, and methods already seen "in the wild," Palo Alto Networks provided this in-depth article: https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/
Splunk also provided a means for attempting to detect this vulnerability, explained in depth in the following article: https://www.splunk.com/en_us/blog/security/log-jammin-log4j-2-rce.html
Lastly, Microsoft provided an article detailing the vulnerability and how it can be detected and remediated across Microsoft products at the following link: https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/
The Log4j vulnerability is likely to have far-reaching impact across industries for the foreseeable future. Stay tuned to the Sandalwood Blog for the latest information.