Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Security Notice: Apache Log4j Remote Code Execution (RCE) Log4shell Vulnerability (CVE-2021-44228)

MicahMicah admin
edited January 2022 in Water Cooler

Apache Log4j project disclosed CVE-2021-44228, which is a Critical (CVSS 10.0) remote code execution vulnerability affecting Apache Log4j2 version<= 2.14.1. A subsequent security patch was released on Dec 10, 2021.

SonicWall has observed widespread scanning and exploitation of this vulnerability over the internet using a publicly available PoC (Proof of Concept) exploit. SonicWall is currently investigating its product line to scope and impact, as utilization of Log4j does not immediately suggest exploitation is possible.

Please see the following resources to learn more:

Category: Water Cooler
Reply

@micah - SonicWall's Self-Service Sr. Manager

Comments

Sign In or Register to comment.