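Java log4j Vulnerability Discovery and Reference Material (CVE-2021-44228)
On December 10, 2021, a vulnerability was discovered in Apache Log4j2, a Java-based logging library, that allows remote code execution to be triggered through its logging functionality.
The vulnerable versions are Apache Log4j 2.x <= 2.15.0-rc1. Because the library is used in many applications, including the ones below, be sure to check your systems.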
- Spring-Boot-starter-log4j2
- Apache Struts
- Apache Solr
- Apache Druid
- Apache Flink
- ElasticSearch
- Flume
- Apache Dubbo
- Logstash
- Kafka
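
One way to run the check recommended above, as an added example that is not part of the original post: the script walks a directory, looks at JAR names on disk and one level inside .jar/.war/.ear archives, and reports log4j-core files whose version falls in the range stated here (2.x <= 2.15.0-rc1). The function names and the name-based matching are assumptions of this example; renamed or shaded copies are not detected.

```python
import re
import sys
import zipfile
from pathlib import Path

# Matches log4j-core-<version>.jar, with an optional -alphaN / -betaN / -rcN suffix.
JAR_RE = re.compile(r"log4j-core-(\d+(?:\.\d+){1,2})(?:-(alpha|beta|rc)(\d+))?\.jar$", re.I)
PRE_RANK = {"alpha": 0, "beta": 1, "rc": 2, "": 3}  # a final release sorts after its pre-releases

def version_key(numbers, tag="", tag_no=0):
    """Turn ('2.15.0', 'rc', '1') into a tuple that sorts in release order."""
    nums = [int(n) for n in numbers.split(".")]
    nums += [0] * (3 - len(nums))
    return (*nums, PRE_RANK[(tag or "").lower()], int(tag_no or 0))

# Upper bound of the range stated on this page: 2.x <= 2.15.0-rc1
UPPER = version_key("2.15.0", "rc", 1)

def in_stated_range(name):
    """True/False for a log4j-core JAR name, None if the name is not log4j-core."""
    m = JAR_RE.search(name)
    if not m:
        return None
    key = version_key(*m.groups())
    return key[0] == 2 and key <= UPPER

def scan(root):
    """Return sorted (location, file name) pairs for log4j-core JARs in the stated range."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in (".jar", ".war", ".ear"):
            continue
        if in_stated_range(path.name):
            hits.append((str(path), path.name))
        try:
            # Spring Boot fat JARs and WARs bundle dependencies as nested entries.
            with zipfile.ZipFile(path) as archive:
                for entry in archive.namelist():
                    if in_stated_range(entry):
                        hits.append((f"{path}!/{entry}", entry.rsplit("/", 1)[-1]))
        except (zipfile.BadZipFile, OSError):
            continue  # unreadable archive; the file-name check above still applied
    return sorted(hits)

if __name__ == "__main__":
    for location, _ in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(location)
```

Run it with the application or server install directory as the argument; each printed line is a file path, or an `archive!/entry` path for a bundled copy.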
See the links below for rough remediation steps and reference material.
References:
https://www.cyberkendra.com/2021/12/worst-log4j-rce-zeroday-dropped-on.html?m=1
Worst Apache Log4j RCE Zero day Dropped on Internet
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
NVD - CVE-2021-44228
https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/
Apache log4j Vulnerability CVE-2021-4428: Analysis and Mitigations
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
GitHub - tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce: Apache Log4j remote code execution