Internet Security Alert: Apache Log4j 2 Remote Code Execution Vulnerability
Summary
Recently, the Sangfor Security Team detected information about a remote code execution vulnerability in an Apache Log4j2 component, which was classified as high. The vulnerability is caused by the recursive analysis function of Apache Log4j2. Attackers can use this vulnerability to construct malicious data for remote code execution attacks without authorization, and ultimately obtain the highest privileges on the server.
This is a high-level security alert. The Sangfor team interviewed Jason Yuan, VP – Product & Marketing, Sangfor Technologies, to discuss the Apache Log4j vulnerability and make it easy to understand. He also covered Sangfor Emergency Incident Response and mitigation methods in case you are affected.
Event Level
Level 3
Sangfor Solution
Please visit Vulnerability Wiki on Sangfor Security Center for solutions: https://sec.sangfor.com/security-vulnerability/detail?vuln_sfv=SF_2021_23893&lang=EN-US
Official Solution
The vendor has fixed this vulnerability in the latest version. The official link is as follows:
https://github.com/apache/logging-log4j2/releases/tag/log4j-2.15.0-rc1
Affected Product Line
Products using Apache Log4j2 should be evaluated immediately.