How to find if Log4J is installed in my server

A critical vulnerability (CVE-2021-44228) was identified on the popular log4j logger library used by a lot of popular Java applications. The remote code execution (RCE) vulnerability allows attackers to gain access to the server by getting the application to log a special string.

Apache Log4j versions 2.0-beta9 to 2.14.1 are affected by this critical vulnerability.

To find if Log4J is installed on your server, run

This will list all available log4j files on your server.


In the above result, the server has an application SoapUI-5.4.0, that use Log4J. But the version is older than 2.0, so not affected by this vulnerability.

If your server has any application, that uses Log4J and it uses a vulnerable version, you need to upgrade it to the latest version.

how to check apache log4j version

Usually, the jar file has names like

File name format is log4j-VERSION.jar, in this case, version of log4j is 1.2.14

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *