Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

 
alt

Daniel Nashed

 

How to scan for Apache Log4j 2 CVE-2021-44228?

Daniel Nashed  13 December 2021 09:53:01

Many admins and end users around the world are concerned that their systems or systems they are using are affected by the new very critical security issue in Apache Log4j 2


What if you have home grown applications, where you can't ask a vendor for help?

The vulnerability is only affecting version Log4j 2.x so you really have to check in very detail.

For Docker images Docker has updated their scanner and there is a good article about the background of this issue -->
https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/

There is also another easy to use scanner, which can scan file-systems, GitHub repositories, Docker images and other sources.
I used the example from the Docker post to verify it finds CVE-2021-44228, because I could not find it in any software I am using on Linux.

Here is a link to the scanner's GitHub repository and information how to use and install it -->
https://aquasecurity.github.io/trivy

Example output from the image the Docker post uses:

+-------------------------------------+------------------+----------+-------------------+---------------+---------------------------------------+
|               LIBRARY               | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |                 TITLE                 |
+-------------------------------------+------------------+----------+-------------------+---------------+---------------------------------------+
| org.apache.logging.log4j:log4j-api  | CVE-2021-44228   | CRITICAL | 2.14.0            | 2.15.0        | log4j-core: Remote code execution     |
|                                     |                  |          |                   |               | in Log4j 2.x when logs contain        |
|                                     |                  |          |                   |               | an attacker-controlled...             |
|                                     |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2021-44228 |
+-------------------------------------+                  +          +                   +               +                                       +

Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]