How to find if Log4J is installed in my server
A critical vulnerability (CVE-2021-44228) was identified on the popular log4j logger library used by a lot of popular Java applications. The remote code execution (RCE) vulnerability allows attackers to gain access to the server by getting the application to log a special string.
Apache Log4j versions 2.0-beta9 to 2.14.1 are affected by this critical vulnerability.
To find if Log4J is installed on your server, run
|
1 |
find / -type f -name log4j* |
This will list all available log4j files on your server.
Example
|
1 2 3 4 |
root@server:~# find / -type f -name log4j* /opt/SoapUI-5.4.0/licenses/log4j-LICENSE.txt /opt/SoapUI-5.4.0/lib/log4j-1.2.14.jar root@server:~# |
In the above result, the server has an application SoapUI-5.4.0, that use Log4J. But the version is older than 2.0, so not affected by this vulnerability.
If your server has any application, that uses Log4J and it uses a vulnerable version, you need to upgrade it to the latest version.
how to check apache log4j version
Usually, the jar file has names like
|
1 |
log4j-1.2.14.jar |
File name format is log4j-VERSION.jar, in this case, version of log4j is 1.2.14