Log4J Vulnerability

Last week a vulnerability was published regarding the Apache log4j, a Java-based logging framework. The vulnerability leads to remote command execution (rce) that can easily be initiated by sending a specific string to any Java application that requires user input.

At the moment the internet is being scanned massively for hosts that have any web services open which could potentially be exploited. Our firewall vendors already have an IPS signature available that detect and drop this exploit, below an example:

Make sure your firewall has the latest IPS signature database downloaded, and IPS is enabled on any inbound firewall rules for internet-facing hosts, specifically port 80.

Our firewall vendors have the following guidelines available:

Below a list of our vendor products that are possibly affected by this exploit. We have excluded any SaaS solutions from the list as this is the vendors responsibility: