A critical vulnerability (CVE-2021-44228) was identified in the popular Log4j logging library, which is used by many Java applications. This remote code execution (RCE) vulnerability allows attackers to gain access to the server by getting the application to log a special string.
Apache Log4j versions 2.0-beta9 to 2.14.1 are affected by this critical vulnerability.
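To find out whether Log4j is installed on your server, run
find / -type f -name 'log4j*'
This lists every file on your server whose name starts with log4j. The pattern is quoted so that the shell passes it to find unchanged instead of expanding it against the current directory.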
Example
root@server:~# find / -type f -name log4j*
/opt/SoapUI-5.4.0/licenses/log4j-LICENSE.txt
/opt/SoapUI-5.4.0/lib/log4j-1.2.14.jar
root@server:~#
In the above result, the server has an application, SoapUI-5.4.0, that uses Log4j. Its version is older than 2.0, so it is not affected by this vulnerability.
If your server has any application that uses a vulnerable version of Log4j, you need to upgrade it to the latest version.
How to check the Apache Log4j version
Usually, the jar file has names like
log4j-1.2.14.jar
The file name format is log4j-VERSION.jar; in this case, the version of Log4j is 1.2.14.
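The filename check described above can be scripted. The following is an added example, not code from the original post: it reads the version out of each log4j-VERSION.jar name and compares it with the affected range given above (2.0-beta9 to 2.14.1). The function names, the sample paths under /srv/app and the acceptance of log4j-core-VERSION.jar names are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify log4j jars by the version in their file name.
# The affected range (2.0-beta9 to 2.14.1) is the one stated in the article.

# Print VERSION from log4j-VERSION.jar or log4j-core-VERSION.jar (empty if no match).
log4j_version() {
    basename "$1" |
        sed -n 's/^log4j-\(core-\)\{0,1\}\([0-9][0-9A-Za-z.-]*\)\.jar$/\2/p'
}

# Print "affected", "outside-range" or "unknown" for one jar path.
log4j_status() {
    v=$(log4j_version "$1")
    case $v in
        '')                       echo unknown ;;        # name carries no version
        2.0-alpha*|2.0-beta[1-8]) echo outside-range ;;  # pre-releases before beta9
        2.0-*)                    echo affected ;;       # 2.0-beta9 and later 2.0 pre-releases
        *)  # Numeric compare: fold major.minor.patch into one integer.
            echo "$v" | awk -F. '{ n = $1 * 1000000 + $2 * 1000 + $3
                print ((n >= 2000000 && n <= 2014001) ? "affected" : "outside-range") }' ;;
    esac
}

# Scan a directory tree (default /) and print "STATUS<TAB>PATH" for each jar.
scan_log4j() {
    find "${1:-/}" -type f -name 'log4j*.jar' 2>/dev/null |
        while IFS= read -r path; do
            printf '%s\t%s\n' "$(log4j_status "$path")" "$path"
        done
}

# Constructed sample paths; the first one is taken from the article's output.
for p in /opt/SoapUI-5.4.0/lib/log4j-1.2.14.jar \
         /srv/app/lib/log4j-core-2.14.1.jar \
         /srv/app/lib/log4j-core-2.17.1.jar; do
    printf '%s\t%s\n' "$(log4j_status "$p")" "$p"
done
```

Call scan_log4j with a directory (or with no argument to scan from /) to check a real server. A jar bundled inside another archive, such as a WAR or fat JAR, has no file name of its own on disk, so a filename scan like this does not see it.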