Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide – Search Engine Journal

A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps.

The vulnerability, listed as CVE-2021-44228 in the Apache Log4j Security Vulnerabilities log, enables remote attackers to take control of an affected system.

What is Log4j?

Log4j is an open source Apache logging system framework used by developers for recordkeeping within an application.

This exploit in the popular Java logging library results in Remote Code Execution (RCE). The attacker sends a malicious code string that, when logged by Log4j, allows the attacker to load Java on the server and take control.

Wired reports that attackers were using Minecraft’s chat function to exploit the vulnerability Friday afternoon.

Who Is Impacted By The Log4j Security Issue?

The issue is so severe that the United States Cybersecurity & Infrastructure Security Agency released a notice December 10 that states, in part:

“CISA…

Read Full Story: https://www.searchenginejournal.com/log4j-security-fail/429821/

The post Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide – Search Engine Journal first appeared on SEO, Marketing and Social News | OneSEOCompany.com.

source: https://news.oneseocompany.com/2021/12/10/catastrophic-log4j-security-fail-threatens-enterprise-systems-web-apps-worldwide-search-engine-journal_2021121010624.html

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.