Vulnerability CVE-2021-44228 Release

Critical security vulnerability (CVE-2021-44228) in Log4j

Written by James Trujillo
Updated over a week ago

This article for WAREwithal users contains information about the Log4j vulnerability and the actions we are taking to address this critical security issue. With all security issues, our approach is simple: assess, test, release, then repeat.

The Log4j vulnerability CVE-2021-44228 was first identified in early December. It is categorized as a zero-day vulnerability, which can simply be interpreted as "immediate action is necessary" due to the severity of the exploit. Since then, the attempted fixes have resulted in a couple more issues with Log4j (CVE-2021-45046, CVE-2021-45105).

We leverage Apache and Adobe ColdFusion in order to provide WAREwithal services and have taken action based on their recommendations for mitigating the exploit.

The Apache Software Foundation's most recent release, Log4j version 2.17, on Friday, December 17, 2021, targets a newly discovered exploit in addition to the existing remote code execution vulnerability (CVE-2021-44228) in the Java logging library, which is used by many enterprise software applications.

Adobe ColdFusion has released information on how to mitigate the exploit and released a patch (versions 2021 and 2018) for this Log4j vulnerability on 12/17/2021 for admins to deploy. They released solutions addressing the additional exploits on December 21, 2021. Adobe claims that there is no attack vector to exploit the Log4j vulnerabilities and recommends that the patches and JAR files still be updated.

Our servers have already mitigated the execution of this exploit, and the affected functionality is not in use on our servers.

We have deployed the patch and made the modifications on our staging servers. We will test the servers and continue to monitor the public threads to ensure that no issues arise from deploying this remedy. Once the tests prove stable and no issues are identified with the deployment of the patch, we will deploy the remedy across our servers to ensure the fullest protection has been provided to our users.

>> UPDATE <<

We have successfully tested the updates on our staging server as well as a couple of our production servers. No additional patches or notifications on new configurations have come out. We deem these releases as stable. Due to this success, all the production servers were updated by December 24th, 2021.

At this time, this vulnerability has not impacted Kolbe Corp’s own systems, and any risk of it doing so has been addressed to the best of our ability. We will continue monitoring and reviewing resources to help secure Kolbe Corp from Log4j exploits as more information about this exploit is discovered.

We will continue to update this post until the security issue has been completely resolved.
