Hello guys, since the last couple of days, there is a lot of chaos going
into the Java world due to the Log4j2 issue which allows Remote code
execution (RCE), the CVE-2021-44228, which is designated a zero-day vulnerability. Everyone is busy whether their Java application is impacted
and given the popularity of Log4j it's a good chance that your application
will be impacted. Even if you are not using Log4j2 directly, they
might be used by the framework or library you use like
Spring Boot, Hadoop, Elastic Serach, or
Struts. This is kind of a serious issue becuase RCE Vulnarabilyt means it allows
hackers to execute code in your servers, and this has been used in past on
many breaches like the 2017 Equifax data breach but its not time to lose
calm and understand the impact and whether your app is affected or not and
what you can do in short term to prevent it.
Monday, December 13, 2021
Subscribe to:
Posts
(
Atom
)