Some applications that leverage log4j2 (2.14.1 or older) are vulnerable to a simple attack which can allow for remote code execution. Apache Log4j <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled (CVE-2021-44228).
Following internal research and validation by the Industrial Defender security and R&D teams the following products are NOT impacted and NOT vulnerable to CVE-2021-44228.
Customers can use the Policy application to check for the presence of log4j or applications that may
Our VMS is updated in real time as data is made available about CVEs. Industrial Defender recommends customers do a data exchange to help determine exposure to CVE-2021-44228.
Signatures have been published that can detected the remote code execution associated with log4j vulnerability. They are available on the on the Industrial Defender support portal.
For further information regarding this critical security issue please contact our Support Team.
Phone - 877-943-3363