Log4j: Understand The Security Flaw And Its Severity


Log4j: The year 2021 was marked by another wave of hundreds (maybe thousands) of cyber scams that affected companies and even government agencies. To “close the year”, a major vulnerability was discovered and left the whole world on alert: the Log4j flaw.

The open source platform used by Apple, Twitter, Steam and Tencent ventures has a serious loophole that allows malicious agents to steal confidential data, upload files to a server and more.

According to Google, more than 35,000 Java packages, representing more than 8% of the Maven Central repository (the main Java repository), were affected by the issue. Discovered on Dec. 16, the vulnerability was considered one of the “most serious” ever seen by Jen Easterly, head of the US Department of Cyber ​​Security and Infrastructure Security Agency (CISA).

How do attackers take advantage of the Log4j flaw?

According to Tenable, a specialist in Cyber ​​Exposure, the problem with Log4j is considered critical because exploring it is relatively simple. The loophole allows the unauthenticated remote attacker to attack the popular Apache Log4j log library, used by several very popular services such as iCloud, Amazon and Tesla, in addition to those mentioned at the beginning of the article.

According to Tenable, the vulnerability is exploited when an attacker sends a manipulated request that uses a Java Name and Directory Interface (JNDI) injection, which is a java directory interface) through a variety of services, including: Lightweight Directory Access Protocol, Secure (LDAP), Remote Method Invocation (RMI) and Domain Name Service (DNS).