Shoggi
Level 5

Security Advisory: Log4j Java Vulnerability (CVE-2021-44228)

Dear team,

we try to cover us for above with SVM. We know RedHat is covered in SVM but nothign on Windows OS.

We tried to download their sources but there is only *.jar and non of them have a signed certificate etc.

What are our options to find insecure apps/services on servers or endpoints on MS OS using SVM?

Lukas

This thread has been automatically locked due to inactivity.

To continue the discussion, please start a new thread.

1 Reply
raslam
Level 7 Flexeran
Level 7 Flexeran

Lucas, 

The SVM only scans DLL, exe, and ocx files and cant scan and report on .jar files. At this point, we strongly recommend you contact the official product vendor and follow the vendor's official remediation process. 

From the SVM perspective, we have issued a couple of advisories covering CVE-2021-44228. 

For example 

SA105668 Debian update for apache-log4j2
SA105493 VMware Multiple Products Apache log4j JNDI Arbitrary Code Execution Vulnerability
SA105503 Cisco Multiple Products Apache log4j JNDI Arbitrary Code Execution Vulnerability
SA105528 Debian update for apache-log4j2
SA105630 Apache log4j JNDI Arbitrary Code Execution Vulnerability