log4j – Smart Cyber Security

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products 01/14/2022 10:18 AM EST Original release date: January 14, 2022 Ivanti has updated its Log4j Advisory with security updates for multiple products to address CVE-2021-44228. An unauthenticated attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to… Continue reading Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities Original release date: December 17, 2021 CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability], directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228. Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations… Continue reading CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation 12/10/2021 09:50 AM EST Original release date: December 10, 2021 The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control… Continue reading Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation