Log4j Vulnerability: Are Your Applications at Risk?

Eduardo Rocha Senior Sales Engineer and Security Analyst
3 Min read

Why Should You Care?

Log4j vulnerability can affect vendors and services across the software industry. The IT community has received a shockwave following the Log4j security vulnerability announcement at the end of 2021. Apache Log4j is a popular logging utility used in various applications. As a result, the Federal Trade Commission (FTC) issued a warning that millions of consumer and enterprise products, web services, and applications are at risk.

That’s why CTOs, CISOs, DevOps Managers, and Project Leads need to understand the implications of this recent cybersecurity threat.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Log4j Is Everywhere!

Apache Log4j is a logging utility commonly used to log security and performance metrics for websites, applications, and IT services. Programmers can use Log4j to output logs and diagnostic information to various output targets without slowing down the applications. Developers can enable logging at runtime to debug problems. Due to the convenience and performance factors, Log4j has gained popularity among software companies worldwide.

Even businesses not using Log4j might have the utility present in third-party vendor applications and APIs. Companies like Adobe, AWS, Atlassian, Broadcom, Cisco, Citrix, Debian, Dockers, IBM, Microsoft, Oracle, Redhat, Ubuntu, VMWare, and more use Log4j in their products and services.

Log4j Vulnerability Explained

Apache received the first Log4j vulnerability report from a security engineer from Alibaba on November 24, 2021. Cybercriminals can exploit the vulnerability, published as CVE-2021-44228 and known as “Log4Shell”, to manipulate log messages or use log message parameters to execute malicious code loaded from LDAP servers when message lookup substitution is enabled. The vulnerability received a Common Vulnerability Scoring System (CVSS) base score of 10.0, the highest severity level.

Unfortunately, the message lookup substitution is enabled by default for Apache Log4j2 2.0-beta9 to 2.14.1. From Log4j 2.15.0, the message lookup substitution is disabled by default. From Log4j 2.16.0, the functionality has been completely removed.

Cyberattackers can exploit the Log4j vulnerability for unauthenticated, remote code execution (RCE) when a vulnerable version of the Log4j library is present in an application. They can use a single text string to trigger the software to contact external hosts, download a malicious payload and execute it locally. Cybercriminals are already using Log4j exploits for credential theft, data exfiltration, crypto mining, distributed denial of service (DDoS) attacks, and malware deployment.

Apache has been addressing the issues concerning the Log4j vulnerability. Here is a summary of the related CVE publications and resolutions:

VulnerabilityCVSS ScoreSecurity ThreatFixed Version
CVE-2021-4422810A remote code execution (RCE) vulnerability affecting Log4j versions from 2.0-beta9 to 2.14.12.15.0
CVE-2021-450469A data leak and remote code execution (RCE) vulnerability affecting Log4j versions from 2.0-beta9 to 2.15.0, excluding 2.12.22.16.0
CVE-2021-451055.9 A denial-of-service (DoS) vulnerability affecting Log4j versions from 2.0-alpha1 to 2.16.02.17.0
CVE-2021-448326.6 A vulnerability to remote code execution via JDBC Appender when attacker controls configuration affecting Log4j2 versions 2.0-beta7 through 2.17.02.17.1

Log4j Vulnerability Is a Cybersecurity Imperative

Like most modern businesses, your organization probably uses software applications, tools, and APIs from multiple vendors. Due to the popularity of the Log4j library, the probability of your systems having exposure to the Log4j vulnerability is high. You should prepare your systems through understanding your application stack, improving access control, and updating relevant libraries to enhance application and API security. Learn how our leading partners help you defend against Log4j vulnerability here.

Early detection and remediation of the Log4j vulnerability is a time-sensitive issue for many organizations. If you need to quickly mitigate the risk associated with Log4j, an experienced web technology partner who has expertise in mitigating cybersecurity threats can speed up the process.

At GlobalDots, our web security consultants can help with risk assessment and mitigation for cybersecurity threats like the Log4j vulnerability. To learn more about our security services, contact GlobalDots today.

Latest Articles

Three Ways CISOs Can Combat Emerging Threats in 2025

73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

11th November, 2024
How Optimizing Kafka Can Save Costs of the Whole System

Kafka is no longer exclusively the domain of high-velocity Big Data use cases. Today, it is utilized on by workloads and companies of all sizes, supporting asynchronous communication between even small groups of microservices.  But this expanded usage has led to problems with cost creep that threaten many companies’ bottom lines. And due to the […]

Itay Tal Head of Cloud Services
29th September, 2024
Migrating Volumez RedHat VMs into Amazon Linux 2 for higher effective discounts rate of Saving Plan

A cloud data infrastructure company relied on extensive use of multiple instance types to test its products. But this made it difficult to optimize costs – a fact which had begun to impact their ability to scale the business.   The GlobalDots team helped the company identify and implement a new infrastructure configuration that both saved […]

Itay Tal Head of Cloud Services
19th September, 2024
How Yuki Achieved SOC 2 Compliance 6x Faster

Overview A fast-growing Snowflake optimization platform was missing out on customers because they didn’t have the right data security compliance. Through multiple consultations and extensive vendor-testing, the GlobalDots team selected a solution to provide both tech and human support, helping the company achieve SOC 2 compliance within just 3 months – and win new customers […]

Itay Tal Head of Cloud Services
16th September, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services