Log4j | Weaponized Threat

Extremely Dangerous Vulnerability Discovered

This weekend a vulnerability in Log4j, a very popular Java-based logging tool, has been weaponized. All versions of Log4j prior to 2.14.1 are vulnerable, and this does not just impact the standalone installer. Any application that uses Log4j for log file management or LDAP queries could also be vulnerable; where this is the case, the vendor must provide updates for those third-party applications.
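Because Log4j is usually shipped inside other applications' archives rather than installed on its own, an inventory has to look inside JAR/WAR/EAR files, including archives nested within them. The following is an added example, not code from Syxsense or the Log4j project: it lists every bundled `log4j-core` copy with its recorded version and whether the `JndiLookup` class is present, leaving the patch decision to the vendor's guidance. The function names, the size limit and the sample archive are assumptions made for this illustration.

```python
import io
import os
import re
import zipfile

ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
# Standard Maven metadata and class paths inside a log4j-core jar.
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
MAX_NESTED = 256 * 1024 * 1024  # assumed cap: skip oversized nested entries (zip-bomb guard)

def scan_archive(data, label, depth=4):
    """Report every log4j-core copy in an archive, including nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a readable archive
    findings = []
    with zf:
        entries = {i.filename: i for i in zf.infolist()}
        if POM_PROPS in entries or JNDI_CLASS in entries:
            m = re.search(rb"^version=(\S+)", zf.read(POM_PROPS), re.M) if POM_PROPS in entries else None
            findings.append({"path": label, "jndi_lookup": JNDI_CLASS in entries,
                             "version": m.group(1).decode() if m else None})
        for name, info in sorted(entries.items()):
            if depth > 0 and name.lower().endswith(ARCHIVE_EXT) and info.file_size <= MAX_NESTED:
                findings += scan_archive(zf.read(name), f"{label}!/{name}", depth - 1)
    return findings

def scan_tree(root):
    """Walk a directory tree and scan every archive file under it."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for path in (os.path.join(dirpath, f) for f in files if f.lower().endswith(ARCHIVE_EXT)):
            with open(path, "rb") as fh:
                findings += scan_archive(fh.read(), path)
    return findings

def build_constructed_sample():
    """Constructed test input: an application jar bundling a fake log4j-core jar."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr(POM_PROPS, "groupId=org.apache.logging.log4j\nversion=2.14.0\n")
        z.writestr(JNDI_CLASS, b"")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("BOOT-INF/lib/log4j-core-2.14.0.jar", inner.getvalue())
    return outer.getvalue()
```

Run `scan_tree()` against an application directory on each host. A finding with `version` set to `None` means the class was found without Maven metadata (for example in a shaded jar) and needs manual review.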

The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.

What makes this extra serious is that the Scope (we call it a Jump Point) is Changed – meaning that exploitation of this vulnerability could allow the attacker to affect resources beyond the security scope managed by the security authority of the vulnerable component.

CVE-2021-44228 – CVSS Score: 10

Syxsense Risk Alert 

    • Attack Vector: Any Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope (Jump Point): Yes

As always, we recommend full testing be performed prior to live deployment to your device. These are now available within Syxsense.

How to Protect Your Business from Log4j

Although a number of popular IT management and security tools are vulnerable, Syxsense is pleased to confirm that it does NOT use Log4j. Syxsense Secure and Enterprise customers can use the Syxsense security scanner to identify endpoints that are exposed to this new vulnerability.

Syxsense vulnerability scanner is not only a complete security management package, it is automated, repeatable, and generates quick results, delivering security and safety in a timely manner. With security scanning and patch management in one console, Syxsense Secure is the only product that not only shows you what’s wrong, but also deploys the solution.

It offers visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience. And it is fully integrated with automated patch management software that lets you easily manage unpatched vulnerabilities with the click of a button.

Syxsense includes patch supersedence, patch roll back, and a wealth of automation features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution.