{"id":261,"date":"2021-12-18T13:53:34","date_gmt":"2021-12-18T13:53:34","guid":{"rendered":"http:\/\/blog.nitro-cloud.com\/?p=7"},"modified":"2023-12-20T23:26:53","modified_gmt":"2023-12-21T00:26:53","slug":"log4j-security-problem","status":"publish","type":"post","link":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/","title":{"rendered":"Log4j Vulnerability"},"content":{"rendered":"\r\n

We have probably all heard of the critical Log4j library security issue by now. Log4j is an Apache library that saves logs. That is why software developers use it instead of writing their own logging system. Unfortunately, The problem found allows the attacker to execute his code remotely.<\/p>\r\n\r\n\r\n\r\n

As the library is popular, all the software uses it. Even companies like VMWare, Adobe and etc. are struggling with this issue.<\/p>\r\n\r\n\r\n\r\n

Some companies are struggling with the vulnerability<\/strong><\/span><\/h2>\r\n\r\n\r\n\r\n

VMware<\/h3>\r\n\r\n\r\n\r\n

VMware has this vulnerability and is working on a patch to solve the problem quickly.<\/p>\r\n\r\n\r\n\r\n

Adobe<\/h3>\r\n\r\n\r\n\r\n

Adobe has asked to disable LDAP for now to avoid security issues in adobe connect software.<\/p>\r\n\r\n\r\n\r\n

Cloudflare<\/h3>\r\n\r\n\r\n\r\n

Cloudflare is trying to protect his services from this issue with all his power as well.<\/p>\r\n\r\n\r\n\r\n

Other companies<\/h3>\r\n\r\n\r\n\r\n

Other Huge companies, such as DELL and HP, are reviewing their products. They are putting a page on their site to share the review progress with their customers.<\/p>\r\n\r\n\r\n\r\n

Basic Solutions<\/strong><\/span><\/h2>\r\n\r\n\r\n\r\n

Apache has provided a solution to prevent this vulnerability. The solution is upgrade to version 2.16 or 2.12.2 for Java 7. This change can not be done by us, So that we should wait for release an update or patch for software we using.<\/p>\r\n\r\n\r\n\r\n

What can we do for protect our softwares?<\/strong><\/span><\/h2>\r\n\r\n\r\n\r\n

During this period, the best thing to do is to limit the access as much as possible and not allow unauthorized people to access any of our software remotely, online, and under the network.<\/p>\r\n\r\n\r\n\r\n

If you also have software that uses this library, contact the programming team or the software provider site immediately and follow their solution to avoid this security hole.<\/p>\r\n\r\n\r\n\r\n

We hope this issue does not affect anyone’s software and your software company will provide its update or patch as soon as possible to avoid the issue.<\/p>\r\n\r\n\r\n\r\n

Some software solutions:<\/strong><\/span><\/h2>\r\n\r\n\r\n\r\n
\r\n
\r\n
\r\n
\"Apache\"<\/a><\/figure>\r\n<\/div>\r\n<\/div>\r\n\r\n\r\n\r\n
\r\n
\r\n
\"VMware\"<\/a><\/figure>\r\n<\/div>\r\n<\/div>\r\n\r\n\r\n\r\n
\r\n
\"Adobe\"<\/a><\/figure>\r\n<\/div>\r\n<\/div>\r\n\r\n\r\n\r\n

CVE Links:<\/strong><\/span><\/h2>\r\n\r\n\r\n\r\n

If you are interested to read more about this vulnerability, see more info here:<\/p>\r\n\r\n\r\n\r\n

\r\n
CVE-2021-45046<\/a><\/div>\r\n\r\n\r\n\r\n
CVE-2021-44228<\/a><\/div>\r\n<\/div>\r\n\r\n\r\n\r\n

 <\/p>\r\n","protected":false},"excerpt":{"rendered":"

We have probably all heard of the critical Log4j library security issue by now. Log4j is an Apache library that saves logs. That is why software developers use it instead of writing their own logging system. Unfortunately, The problem found allows the attacker to execute his code remotely. As the library is popular, all the […]<\/p>\n","protected":false},"author":3,"featured_media":266,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-261","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"acf":[],"yoast_head":"\nLog4j Vulnerability - Nitro Cloud blog<\/title>\n<meta name=\"description\" content=\"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Log4j Vulnerability\" \/>\n<meta property=\"og:description\" content=\"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\" \/>\n<meta property=\"og:site_name\" content=\"Nitro Cloud blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-18T13:53:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-21T00:26:53+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Log4j Vulnerability\" \/>\n<meta name=\"twitter:description\" content=\"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/1813918feb5e2ad047fba3585e6bac41\"},\"headline\":\"Log4j Vulnerability\",\"datePublished\":\"2021-12-18T13:53:34+00:00\",\"dateModified\":\"2023-12-21T00:26:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\"},\"wordCount\":327,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png\",\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\",\"url\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\",\"name\":\"Log4j Vulnerability - Nitro Cloud blog\",\"isPartOf\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png\",\"datePublished\":\"2021-12-18T13:53:34+00:00\",\"dateModified\":\"2023-12-21T00:26:53+00:00\",\"description\":\"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.\",\"breadcrumb\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage\",\"url\":\"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png\",\"contentUrl\":\"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png\",\"width\":1200,\"height\":628,\"caption\":\"LOG4J\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u062e\u0627\u0646\u0647\",\"item\":\"https:\/\/nitro-cloud.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Log4j Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#website\",\"url\":\"https:\/\/nitro-cloud.com\/blog\/\",\"name\":\"Nitro Cloud blog\",\"description\":\"Answers to frequently asked questions of users\",\"publisher\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/nitro-cloud.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#organization\",\"name\":\"Nitro Cloud blog\",\"url\":\"https:\/\/nitro-cloud.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/localhost\/hosting-weblog\/wp-content\/uploads\/2023\/06\/03.png\",\"contentUrl\":\"http:\/\/localhost\/hosting-weblog\/wp-content\/uploads\/2023\/06\/03.png\",\"width\":200,\"height\":43,\"caption\":\"Nitro Cloud blog\"},\"image\":{\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/1813918feb5e2ad047fba3585e6bac41\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/18de79882ab6b9d1ea666d4202a61f4430493480af1146e7d9e2c0d016d34b79?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/18de79882ab6b9d1ea666d4202a61f4430493480af1146e7d9e2c0d016d34b79?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"url\":\"https:\/\/nitro-cloud.com\/blog\/author\/alirashidi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Log4j Vulnerability - Nitro Cloud blog","description":"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/","og_locale":"en_US","og_type":"article","og_title":"Log4j Vulnerability","og_description":"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.","og_url":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/","og_site_name":"Nitro Cloud blog","article_published_time":"2021-12-18T13:53:34+00:00","article_modified_time":"2023-12-21T00:26:53+00:00","author":"admin","twitter_card":"summary_large_image","twitter_title":"Log4j Vulnerability","twitter_description":"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.","twitter_misc":{"Written by":"admin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#article","isPartOf":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/"},"author":{"name":"admin","@id":"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/1813918feb5e2ad047fba3585e6bac41"},"headline":"Log4j Vulnerability","datePublished":"2021-12-18T13:53:34+00:00","dateModified":"2023-12-21T00:26:53+00:00","mainEntityOfPage":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/"},"wordCount":327,"commentCount":0,"publisher":{"@id":"https:\/\/nitro-cloud.com\/blog\/#organization"},"image":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage"},"thumbnailUrl":"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png","articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/","url":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/","name":"Log4j Vulnerability - Nitro Cloud blog","isPartOf":{"@id":"https:\/\/nitro-cloud.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage"},"image":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage"},"thumbnailUrl":"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png","datePublished":"2021-12-18T13:53:34+00:00","dateModified":"2023-12-21T00:26:53+00:00","description":"Log4j is an Apache library that saves logs. Unfortunately, The problem found allows the attacker to execute his code remotely.","breadcrumb":{"@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#primaryimage","url":"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png","contentUrl":"https:\/\/nitro-cloud.com\/blog\/wp-content\/uploads\/2021\/12\/log4j.png","width":1200,"height":628,"caption":"LOG4J"},{"@type":"BreadcrumbList","@id":"https:\/\/nitro-cloud.com\/blog\/log4j-security-problem\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u062e\u0627\u0646\u0647","item":"https:\/\/nitro-cloud.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Log4j Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/nitro-cloud.com\/blog\/#website","url":"https:\/\/nitro-cloud.com\/blog\/","name":"Nitro Cloud blog","description":"Answers to frequently asked questions of users","publisher":{"@id":"https:\/\/nitro-cloud.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nitro-cloud.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/nitro-cloud.com\/blog\/#organization","name":"Nitro Cloud blog","url":"https:\/\/nitro-cloud.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nitro-cloud.com\/blog\/#\/schema\/logo\/image\/","url":"http:\/\/localhost\/hosting-weblog\/wp-content\/uploads\/2023\/06\/03.png","contentUrl":"http:\/\/localhost\/hosting-weblog\/wp-content\/uploads\/2023\/06\/03.png","width":200,"height":43,"caption":"Nitro Cloud blog"},"image":{"@id":"https:\/\/nitro-cloud.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/1813918feb5e2ad047fba3585e6bac41","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nitro-cloud.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/18de79882ab6b9d1ea666d4202a61f4430493480af1146e7d9e2c0d016d34b79?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/18de79882ab6b9d1ea666d4202a61f4430493480af1146e7d9e2c0d016d34b79?s=96&d=mm&r=g","caption":"admin"},"url":"https:\/\/nitro-cloud.com\/blog\/author\/alirashidi\/"}]}},"_links":{"self":[{"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/posts\/261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/comments?post=261"}],"version-history":[{"count":1,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/posts\/261\/revisions"}],"predecessor-version":[{"id":274,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/posts\/261\/revisions\/274"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/media\/266"}],"wp:attachment":[{"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/media?parent=261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/categories?post=261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nitro-cloud.com\/blog\/wp-json\/wp\/v2\/tags?post=261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}