New zero-day in Java Log4j is vulnerable to attacks

The newly discovered zero-day vulnerability allows attackers to gain complete control of organizational systems and servers.

A new vulnerability has surfaced in the Java logging library Apache Log4j, allowing attackers to access servers. The weakness is being described as a zero-day vulnerability, and according to CERT New Zealand, it is already being exploited.

Keeping this in mind, CISA has urged administrators to take swift and immediate action to address the issue. Reports suggest that any system using Apache Log4j – between versions 2.0 and 2.14.1 – is at risk of falling victim to remote attackers taking over their server.

Where was it discovered?

This threat first came to light in Minecraft, but experts believe that the issue extends into cloud applications. It was also discovered in enterprise applications and affects anyone using Apache Struts.

Since the Java library is ubiquitous, it is simple for an attacker to exploit an entire system and gain full control, free to do as they please. This is why a concrete resolution is needed now, before the damage gets out of hand.

How can this be resolved?

An upgrade that removes the issue has been announced, but there are other ways to tackle it as well. The first step is to keep constant track of logs. Then, organizations can check whether they are affected by identifying which Log4j versions they use. If so, experts believe that setting log4j2.formatMsgNoLookups to true may help. To do that, add the extra option "-Dlog4j2.formatMsgNoLookups=True" to the JVM command when starting the application.
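The two checks described above can be scripted. The following is an added example, not code from the Log4j project or from this article's sources: it flags log4j-core jars in the 2.0 to 2.14.1 range by file name and reports whether a JVM command line carries a working mitigation flag. The function names and the sample directory tree are assumptions made for illustration.

```python
import re
import shlex
import tempfile
from pathlib import Path

# Affected range as stated in the article: Log4j 2.0 through 2.14.1.
AFFECTED_MIN, AFFECTED_MAX = (2, 0, 0), (2, 14, 1)
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?(?:[-.][A-Za-z0-9]+)*\.jar")
# Also match typographic dashes (U+2010..U+2015) so a flag pasted from a web page is caught.
FLAG_RE = re.compile(r"([-\u2010-\u2015]+)Dlog4j2\.formatMsgNoLookups=(.*)")

def jar_version(name):
    """Return (major, minor, patch) parsed from a log4j-core jar file name."""
    m = JAR_RE.fullmatch(name)
    return (int(m[1]), int(m[2]), int(m[3] or 0)) if m else None

def scan(root):
    """List log4j-core jars under root whose version is in the affected range."""
    hits = []
    for jar in sorted(Path(root).rglob("log4j-core-*.jar")):
        v = jar_version(jar.name)
        if v and AFFECTED_MIN <= v <= AFFECTED_MAX:
            hits.append((jar.name, ".".join(map(str, v))))
    return hits

def flag_status(jvm_cmdline):
    """Return 'set', 'ineffective' or 'missing' for the mitigation flag."""
    status = "missing"
    for tok in shlex.split(jvm_cmdline):
        m = FLAG_RE.fullmatch(tok)
        if m:  # assumption: the last occurrence on the command line is decisive
            ok = m[1] == "-" and m[2].lower() == "true"
            status = "set" if ok else "ineffective"  # wrong dash or value not true
    return status

def demo():
    # Constructed sample tree: empty files that only mimic jar names.
    with tempfile.TemporaryDirectory() as root:
        lib = Path(root, "app", "lib")
        lib.mkdir(parents=True)
        for name in ("log4j-core-2.14.1.jar", "log4j-core-2.0-beta9.jar",
                     "log4j-core-2.15.0.jar", "log4j-api-2.14.1.jar"):
            (lib / name).touch()
        return scan(root)

if __name__ == "__main__":
    print(demo())
    print(flag_status("java -Dlog4j2.formatMsgNoLookups=True -jar app.jar"))
```

Matching on file names misses Log4j classes repackaged inside fat or shaded jars, so an empty result is not proof of absence. The formatMsgNoLookups property is only honoured from Log4j 2.10 onwards, so older affected jars need the upgrade regardless.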

The best way is to upgrade to the log4j-2.15.0-rc1 version. This version has dealt with all potential breaches and protects systems and servers from being impacted by attackers.