Log4j Vulnerability (original) (raw)
Explore more about blësk by**contacting** one of our experts.
Resources
Resources
Log4j Vulnerability
Log4j Vulnerability
A vulnerability with the Java Log4j extension was announced this weekend.
Log4j is a Java-based logging audit framework used by blësk for the Event Log Manager (ELM) application.
This critical flaw (Level 10 on a scale of 10), affects the majority of large companies offering web solutions and/or having a web infrastructure or being accessible through the web are affected.
The vulnerability number is CVE-2021-44228.
There are also alternatives to mitigate the behavior of the vulnerability on blësk that follows.
1 – In CLI with the superuser “root”, edit the file /etc/logstash/log4j2.properties
2 – Add to the end of this file the following line: log4j2.formatMsgNoLookups = true
3 – Restart the service with the following command: /etc/init.d/logstash restart
Feel free to contact blësk support if you have any questions.
Software vulnerabilities have been widespread since the beginning of the Internet. Despite the evolution of IT security platforms, software and systems can never be claimed as completely secured.
Organizations faced operational challenges to keep IT services secure, up-to-date and uninterrupted while physically no-one is in, or able to come to a corporate location.
Downtime can be either planned or unplanned. When your IT team needs to make important technology updates, they may have to turn off your network temporarily.-
Software vulnerabilities have been widespread since the beginning of the Internet. Despite the evolution of IT security platforms, software and systems can never be claimed as completely secured. -
Organizations faced operational challenges to keep IT services secure, up-to-date and uninterrupted while physically no-one is in, or able to come to a corporate location.