Defending Against the Log4j Vulnerabilities
The Log4Shell vulnerability was first found in the popular Apache Log4j 2. It’s a critical zero-day vulnerability that enables bad actors to perform remote code execution (RCE). Log4j is used in frameworks, such as Apache Struts 2, Apache Solr, Apache Druid and Apache Flink.
In many instances, system admins may not be aware that Log4j is being used in their environments, leaving thousands of applications and third-party services at risk. Additional Log4j vulnerabilities have continued to add complexity to response efforts for many organizations.