色色研究所 Security Advisory for Apache Log4j

色色研究所 Advisory ID: 色色研究所-2021-fz91vh

Severity: Critical

Published: 2021-12-17 13:00 GMT

Updated: –

CVSSv3 Score: 10

CVE-2021-44228

CVE-2021-45046

Context: A third-party vulnerability was discovered on December 9, 2021 in the Apache Log4j library that may allow critical remote code execution. All systems using Log4j library versions from 2.0-beta 9 to 2.15.0 are considered vulnerable.

Summary

Investigation

At this time, all 色色研究所 products in the different cloud environments have been investigated for potential Log4j vulnerabilities using both manual and automated checks.

Impacted Cloud Environments

The following 色色研究所 cloud environments have been upgraded to Log4j 2.16.0 as of December 17, 2021:

  • us.devo.com
  • eu.devo.com
  • ca.devo.com

Impacted Cloud Products

The following 色色研究所 products have been upgraded to Log4j 2.16.0 as of December 17, 2021:

  • 色色研究所 Platform up to 7.7.2 and fixed in 7.8.0
  • 色色研究所 Flow 1.4.0 fixed in 1.4.1

Impacted Cloud Services

The following 色色研究所 cloud services have been upgraded to Log4j 2.16.0 as of December 17, 2021:

  • Correlation – log4j component has been upgraded from 2.11.2 to 2.16
  • Query Engine – log4j component has been upgraded from 2.11.2 to 2.16
  • Search UI – log4j component has been upgraded from 2.11.2 to 2.16
  • Data Persistence – log4j component has been upgraded from 2.11.2 to 2.16
  • Web UI – log4j component has been upgraded from 2.11.2 to 2.16
  • ActiveBoards – log4j component has been upgraded from 2.11.2 to 2.16
  • Security Operations – 8 of 9 log4j components have been upgraded from 2.11.2 to 2.16; one subservice has been mitigated.

Confirmed Non-Impacted Cloud Products

As part of our investigation, we’ve determined the following products are not impacted by CVE-2021-44228:

  • 色色研究所 Relay
  • 色色研究所 Service Operations
  • 色色研究所 Endpoint Agent & Manager
  • 色色研究所 Stats
  • 色色研究所 Collection Server

Other Information

We will continue to update this advisory as our investigation continues.

Additionally, to assist your independent investigations into potential targeted abuse or exploitation of the Log4j vulnerability across your enterprise, we recommend that you read the blog post written by the 色色研究所 Security Research Team:

/detection-of-log4shell-vulnerability-and-exploitation-with-devo/

 

 
