Morefield Communications Security Advisory: Log4Shell CVE-2021-44228

Morefield Communications' Cybersecurity and IT Operations team has been carefully monitoring a new vulnerability in Log4J, a Java library that provides logging capabilities to various software. The vulnerability (Log4Shell) allows a remote, unauthenticated attacker to force Java-based applications and servers that use the Log4J library to log a specific string into their internal systems. When the application or server processes the logs, the string can force the vulnerable system to download and run a malicious script from an attacker-controlled domain, effectively taking over the vulnerable application or server.

A significant number of applications are affected. We will be updating this post as new information and affected applications are discovered.

Below is a running, partial list of the applications and/or server products affected:

  • Apache Software Foundation – Apache Struts, Apache Flink, Apache Druid, Apache Flume, Apache Solr, Apache Kafka, Apache Dubbo (not limited to these products)
  • VMware
  • Elasticsearch
  • Apple
  • Twitter
  • Amazon
  • Minecraft
  • Palo Alto
  • IBM
  • Cloudflare
  • JD
  • NetEase
  • Tencent
  • Todo
  • Baidu
  • Didi
  • Steam
  • Tenable
  • Tesla

BlueTeam CheatSheet *Log4Shell* – community-updated list of vulnerable applications

We expect more application vendors to report this vulnerability and we are diligently monitoring vendor responses for platforms and systems commonly deployed. We are committed to helping our clients make smart technology decisions while delivering outstanding service and expert solutions. If you have any questions, please contact your Network Administrator or Sales Representative.
