
Protect Against Log4j Data Exfiltration


Is the log4j vulnerability already exploited in your enterprise? Do you know what data is being exfiltrated? Protect your data assets with ease.
We are following developments on the Log4Shell security vulnerability in the Apache "Log4j 2" utility (CVE-2021-44228, CVE-2021-45046). We, at Theom, are actively helping multiple enterprises expose the impact of the log4j vulnerability and understand what data has been exfiltrated. We are sharing this post to help the defenders.

Establish if the log4j RCE vulnerability has been exploited. Note: Vulnerability assessment products can only say if the software is vulnerable. Theom tells you if the vulnerability is exploited.

If the vulnerability was exploited, you need answers to questions like: What data was exposed? What data entities were exfiltrated? What is the business criticality of the exfiltrated data? What other data is at risk?

Further, uncover other latent zero-days when they are exploited, by fingerprinting user and application data access behavior.

The latest vulnerability in the popular Apache Log4j has taken the security world by storm. The log4j vulnerability is so widespread that it may take many weeks to patch and fix. Log4j is a logging library used in almost every Java application. It is very popular as it makes it easy to create a log4j class and pass the suitable parameters for logging within an application.

The Alibaba Cloud security team discovered the vulnerability, and a patch has been made available since then. Refer to the CISA site to track the latest information on this vulnerability.

Now that open-sourced proof-of-concept exploits are available for the remote code execution vulnerability in log4j, the race is between low-skilled attackers and defenders.
