Since last few days almost all organizations are struggling to find the products affected due to recently discovered vulnerability which is Log4j. Because of high criticality of this vulnerability huge number of servers, applications are getting affected & all organizations are in rush to fix the vulnerability. So that their environment can become secure & protected.
So, what is the actual vulnerability:
A new critical vulnerability has been detected in Apache log4j, which is a widely used open-source utility used to generate logs inside java applications.
The vulnerability CVE-2021-44228, also known as Log4Shell, permits a Remote Code Execution (RCE) allowing the attackers to execute arbitrary code on the host.
So, what is the Impact of this Vulnerability:
The actual impact of this vulnerability is very huge due to the broad adoption of this Log4j library in many environments. If you have any of java applications in your environment, they are most likely using Log4j to log internal events.
In case if attacker manages to get access of vulnerable server than the exploitation is also flexible, letting attacker retrieve and execute arbitrary code from local to remote LDAP servers and other protocols. Which can in turn compromise the system & attacker will take full control of the system.
Finding this vulnerability in your server can become difficult task for your team so to help you with that Runecast has came up with the free scan which will allow you to perform free scan of your environment. It also affects Kubernetes, AWS or Azure, this vulnerability affects the application layer (as it did with VMware). If you have workloads like Linux and Windows servers running on these platforms than you must scan your environment as soon as possible.
Due to the severity and widespread impact of this issue, Runecast is currently offering a free assessment of your estate. This includes all applications running on Windows, Linux, VMware, and even Kubernetes on Linux, as stated above.
With Runecast you can scan your hybrid or multi-cloud environment with Runecast Analyzer and see all vulnerable instances of Log4Shell, along with remediation guidance. Runecast is a patented enterprise IT platform that provides IT operations and security teams one platform for configuration monitoring, vulnerability management, security compliance, remediation, upgrade planning and reporting.
You will get 7-day free trial from Runecast which will allow you to scan unlimited assets in your complete environment. This is for the organization who are looking to scan & fix this vulnerability as soon as possible so we request you to just don’t provide wrong details. It will help you only to fix your environment.
You can check out below link for which you just have to fill the form to request your free vulnerability scan:
Many vendors are already notifying their customers & organizations to detect vulnerability & fix it as soon as possible.
A VMSA was released by VMware (VMSA-2021-0028) in response to the highly critical CVE-2021-44228 vulnerability. You can read more in details in KB 87068 article which displays the long list of products which are affected due to this vulnerability & you need to fix them as soon as possible.
That’s it for Today Friends. I Hope you liked reading this post & If you find anything more to be added or removed feel free to write it in our comments. If you find it useful You are Feel free to share this on social media to help others & spread knowledge.
If you have any query on any thing you are free to write it in our comments section & we will make sure to provide you the better solution as soon as possible.