{"id":7171,"date":"2021-12-13T15:45:41","date_gmt":"2021-12-13T14:45:41","guid":{"rendered":"https:\/\/www.asecus.ch\/?p=7171"},"modified":"2021-12-21T08:43:51","modified_gmt":"2021-12-21T07:43:51","slug":"zero-day-exploit-java-library-log4j","status":"publish","type":"post","link":"https:\/\/www.asecus.ch\/en\/news\/zero-day-exploit-java-library-log4j\/","title":{"rendered":"Zero-Day Exploit &#8211; Java Library Log4j"},"content":{"rendered":"\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1qp9h-974c7d48fa0c803956985d76f856cf21\">\n.avia-section.av-1qp9h-974c7d48fa0c803956985d76f856cf21{\nbackground-repeat:no-repeat;\nbackground-image:url(https:\/\/www.asecus.ch\/wp-content\/uploads\/2020\/08\/header-img-2.png);\nbackground-position:50% 0%;\nbackground-attachment:scroll;\n}\n<\/style>\n<div id='mobile-max-heigth'  class='avia-section av-1qp9h-974c7d48fa0c803956985d76f856cf21 main_color avia-section-default avia-no-border-styling  avia-builder-el-0  el_before_av_textblock  avia-builder-el-first  hero-container avia-bg-style-scroll av-minimum-height av-minimum-height-custom av-height-custom  container_wrap fullsize'  data-section-bg-repeat='no-repeat' data-av_minimum_height_px='250'><div class='container av-section-cont-open' style='height:250px'><main  role=\"main\" itemprop=\"mainContentOfPage\"  class='template-page content  av-content-full alpha units'><div class='post-entry post-entry-type-page post-entry-7171'><div class='entry-content-wrapper clearfix'>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5\">\n#top .av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5{\npadding-bottom:0;\ncolor:#ffffff;\nfont-size:70px;\n}\nbody .av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n#top #wrap_all .av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-special-heading-tag{\nfont-size:70px;\n}\n.av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .special-heading-inner-border{\nborder-color:#ffffff;\n}\n.av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-subheading{\nfont-size:18px;\n}\n\n@media only screen and (max-width: 479px){ \n#top #wrap_all .av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-special-heading-tag{\nfont-size:25px;\n}\n.av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-subheading{\ndisplay:none;\n}\n}\n\n@media only screen and (min-width: 480px) and (max-width: 767px){ \n#top #wrap_all .av-special-heading.av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 .av-special-heading-tag{\nfont-size:0.8em;\n}\n}\n<\/style>\n<div  class='av-special-heading av-kx4vtzi3-fc5daa9bed9788045a047deb4c7df7d5 av-special-heading-h1 custom-color-heading blockquote modern-quote  avia-builder-el-1  avia-builder-el-no-sibling  top-special-heading av-inherit-size'><h1 class='av-special-heading-tag '  itemprop=\"headline\"  >Critical Zero-Day Exploit Log4Shell<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div>\n<\/div><\/div><\/main><!-- close content main element --><\/div><\/div><div id='after_section_1'  class='main_color av_default_container_wrap container_wrap fullsize'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-full alpha units'><div class='post-entry post-entry-type-page post-entry-7171'><div class='entry-content-wrapper clearfix'>\n<section  class='av_textblock_section av-kdon9vit-a75c57b837ec5678aff65f78eff08161 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><div class=\"breadcrumb breadcrumbs avia-breadcrumbs\"><div class=\"breadcrumb-trail\" ><span class=\"trail-before\"><span class=\"breadcrumb-title\">You are here:<\/span><\/span> <span  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BreadcrumbList\" ><span  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ListItem\" itemprop=\"itemListElement\" ><a itemprop=\"url\" href=\"https:\/\/www.asecus.ch\/en\/\" title=\"Asecus\" rel=\"home\" class=\"trail-begin\"><span itemprop=\"name\">Home<\/span><\/a><span itemprop=\"position\" class=\"hidden\">1<\/span><\/span><\/span> <span class=\"sep\">\/<\/span> <span  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BreadcrumbList\" ><span  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ListItem\" itemprop=\"itemListElement\" ><a itemprop=\"url\" href=\"https:\/\/www.asecus.ch\/en\/news\/zero-day-exploit-java-library-log4j\/\" title=\"Zero-Day Exploit &#8211; Java Library Log4j\"><span itemprop=\"name\">Zero-Day Exploit &#8211; Java Library Log4j<\/span><\/a><span itemprop=\"position\" class=\"hidden\">2<\/span><\/span><\/span><\/div><\/div>\n<\/div><\/section>\n<\/div><\/div><\/div><!-- close content main div --><\/div><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kcom12tj-524b27619b124ade1fe89cdccca84ac0\">\n.avia-section.av-kcom12tj-524b27619b124ade1fe89cdccca84ac0{\nmargin-top:0px;\nmargin-bottom:0px;\n}\n<\/style>\n<div id='av_section_2'  class='avia-section av-kcom12tj-524b27619b124ade1fe89cdccca84ac0 alternate_color avia-section-no-padding avia-no-border-styling  avia-builder-el-3  el_after_av_textblock  el_before_av_hr  avia-bg-style-scroll container_wrap fullsize'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-full alpha units'><div class='post-entry post-entry-type-page post-entry-7171'><div class='entry-content-wrapper clearfix'>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1magt-06e475b6cf22ffa09d392d67ae562de8\">\n.flex_column.av-1magt-06e475b6cf22ffa09d392d67ae562de8{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-1magt-06e475b6cf22ffa09d392d67ae562de8 av_one_full  avia-builder-el-4  avia-builder-el-no-sibling  first flex_column_div av-zero-column-padding  '     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3x9nsk-cda711166e2e5c7fa8d11cdef49db517\">\n#top .hr.hr-invisible.av-3x9nsk-cda711166e2e5c7fa8d11cdef49db517{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-3x9nsk-cda711166e2e5c7fa8d11cdef49db517 hr-invisible  avia-builder-el-5  el_before_av_textblock  avia-builder-el-first '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kt2usm4y-a1eced4d1f17e1bc340e413b26f1d601 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 class=\"av-special-heading-tag av-mini-font-size-overwrite av-mini-font-size-25\">Zero-Day Exploit Targeting Java Library Log4j<\/h3>\n<p>On Friday it was announced that there is a critical vulnerability in the Java library &#8220;Log4j&#8221;. The vulnerability is already being exploited by criminals. The vulnerability is highly critical (CVSS 10) because it can be exploited remotely by an unauthenticated attacker to execute arbitrary code.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3x9nsk-1e6bd49d78ea66b941844ffaf0624e1a\">\n#top .hr.hr-invisible.av-3x9nsk-1e6bd49d78ea66b941844ffaf0624e1a{\nheight:5px;\n}\n<\/style>\n<div  class='hr av-3x9nsk-1e6bd49d78ea66b941844ffaf0624e1a hr-invisible  avia-builder-el-7  el_after_av_textblock  el_before_av_image '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kt2uxomw-0ff8a51f3079627baa8700a23a29219b\">\n.avia-image-container.av-kt2uxomw-0ff8a51f3079627baa8700a23a29219b img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-kt2uxomw-0ff8a51f3079627baa8700a23a29219b .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-kt2uxomw-0ff8a51f3079627baa8700a23a29219b av-styling- avia-align-center  avia-builder-el-8  el_after_av_hr  el_before_av_textblock '   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-7180 avia-img-lazy-loading-not-7180 avia_image ' src=\"https:\/\/www.asecus.ch\/wp-content\/uploads\/2021\/12\/log4j_attack.jpg\" alt='' title='log4j_attack'  height=\"711\" width=\"1203\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/www.asecus.ch\/wp-content\/uploads\/2021\/12\/log4j_attack.jpg 1203w, https:\/\/www.asecus.ch\/wp-content\/uploads\/2021\/12\/log4j_attack-300x177.jpg 300w, https:\/\/www.asecus.ch\/wp-content\/uploads\/2021\/12\/log4j_attack-1030x609.jpg 1030w, https:\/\/www.asecus.ch\/wp-content\/uploads\/2021\/12\/log4j_attack-768x454.jpg 768w\" sizes=\"(max-width: 1203px) 100vw, 1203px\" \/><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kt2uyagl-1e91ad6cfc4a58dfc98c4b30d4635fb5 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Image source and further information about the vulnerability: <a href=\"https:\/\/www.govcert.admin.ch\/blog\/zero-day-exploit-targeting-popular-java-library-log4j\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.govcert.admin.ch\/<\/a><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3x9nsk-772ef2e146f9eb459e7f0f62c06c775d\">\n#top .hr.hr-invisible.av-3x9nsk-772ef2e146f9eb459e7f0f62c06c775d{\nheight:20px;\n}\n<\/style>\n<div  class='hr av-3x9nsk-772ef2e146f9eb459e7f0f62c06c775d hr-invisible  avia-builder-el-10  el_after_av_textblock  el_before_av_textblock '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kt2uyagl-1e91ad6cfc4a58dfc98c4b30d4635fb5 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Software vendors are already analyzing whether their product are vulnerable and developing appropriate patches if necessary. As soon as we get an update from our vendors if they are vulnerable or corresponding patches are available, we will inform our customers accordingly.<\/p>\n<p><strong>Here you can find an overview of the latest information from our vendors:<\/strong><\/p>\n<\/div><\/section><br \/>\n<div class='avia-data-table-wrap av-av_table-d468729fa8178f72f522a624be40de2c avia_responsive_table avia-table-1'><table  class='avia-table avia-data-table avia_pricing_default  avia-builder-el-12  el_after_av_textblock  el_before_av_hr '  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Table\" ><tbody><tr class='avia-heading-row'><th class=''>Vendor<\/th><th class=''>Latest information<\/th><th class=''>Details<\/th><\/tr><tr class=''><td class=''>Bitglass<\/td><td class=''>Not Affected<\/td><td class=''>Not Vulnerable: Forcepoint Bitglass<\/td><\/tr><tr class=''><td class=''>Bluecat<\/td><td class=''>Affected<\/td><td class=''>Affected:<br \/>\n&#8211; BlueCat has determined that there are no un-authenticated paths to injecting log data in BlueCat Edge. Development and testing of an upgrade to the patched Log4j version are underway, but only users you have granted access to your Edge instance could exploit the vulnerability.<br \/>\n&#8211; The Java versions and default configuration used in BlueCat Integrity 9.1, 9.2, and 9.3 prevent the worst-case exploits which use an external LDAP server. Only exploits relying on pre-loaded Java classes are viable.<\/td><\/tr><tr class=''><td class=''>F5<\/td><td class=''>Not Affected<\/td><td class=''>Not vulnerable:<br \/>\n&#8211; Big-IP<br \/>\n&#8211; Big-IQ<br \/>\n&#8211; NGINX<\/td><\/tr><tr class=''><td class=''>ForcePoint<\/td><td class=''>Partially Affected<\/td><td class=''>Affected:<br \/>\n&#8211; Forcepoint NGFW Security Management Center Software (see article 38989 and associated Tech Alert)<br \/>\n&#8211; Forcepoint SMC Appliances (see article 38989 and associated Tech Alert)<br \/>\n&#8211; Forcepoint Web Security (Investigation in Progress for Remediation or Mitigation)<br \/>\n&#8211; Forcepoint DLP (see article 38992 and associated Tech Alert)<br \/>\n&#8211; Forcepoint Security Manager (see article 38991 and associated Tech Alert)<br \/>\nNot Affected:<br \/>\n&#8211; Forcepoint NGFW<br \/>\n&#8211; Forcepoint NGFW VPN Client<br \/>\n&#8211; Forcepoint Sidewinder<br \/>\n&#8211; Forcepoint Sidewinder Control Center<br \/>\n&#8211; Forcepoint Content Gateway<br \/>\n&#8211; Forcepoint One Endpoint<br \/>\n&#8211; Forcepoint DLP Endpoint<br \/>\n&#8211; Forcepoint Web Proxy Connect Endpoint<br \/>\n&#8211; Forcepoint Web Direct Connect Endpoint<br \/>\n&#8211; Forcepoint NGFW ECA Agent<br \/>\n&#8211; Forcepoint CASB Agent<br \/>\n&#8211; Forcepoint Bitglass SSE<br \/>\n&#8211; Forcepoint Cloud Security Gateway (CSG)<br \/>\n&#8211; Forcepoint Web Cloud Security Gateway<br \/>\n&#8211; Forcepoint Email Security Cloud<br \/>\n&#8211; Forcepoint User ID<br \/>\n&#8211; Forcepoint Remote Browser Isolation<br \/>\n&#8211; Forcepoint Private Access<br \/>\n&#8211; Forcepoint Advanced Malware Detection<\/td><\/tr><tr class=''><td class=''>Fortinet<\/td><td class=''>Partially Affected<\/td><td class=''>Affected:<br \/>\n-FortiAIOps &#8211; Fixed in version 1.0.2<br \/>\n-FortiCASB &#8211; Fixed on 2021-12-10<br \/>\n-FortiConverter Portal &#8211; Fixed on 2021-12-10<br \/>\n-FortiCWP &#8211; Fixed on 2021-12-10<br \/>\n-FortiEDR Cloud &#8211; Not exploitable. Additional precautionary -mitigations put in place on 2021-12-10<br \/>\n-FortiInsight &#8211; Not exploitable. Additional precautionary mitigations -being investigated.<br \/>\n-FortiIsolator &#8211; Fix scheduled for version 2.3.4<br \/>\n-FortiMonitor &#8211; Mitigations for NCM &amp; Elastiflow available<br \/>\n-FortiPortal &#8211; Fixed in 6.0.8 and 5.3.8<br \/>\n-FortiSIEM &#8211; Mitigation available<br \/>\n-ShieldX &#8211; Fix scheduled for versions 2.1 and 3.0 &#8211; ETA 2021\/12\/17<br \/>\nNot Affected:<br \/>\n-FortiADC<br \/>\n-FortiAI<br \/>\n-FortiAnalyzer<br \/>\n-FortiAP<br \/>\n-FortiAP-U<br \/>\n-FortiAuthenticator<br \/>\n-FotiCache<br \/>\n-FortiCarrier<br \/>\n-FortiClient (All versions)<br \/>\n-FortiClientEMS<br \/>\n-FortiConnect<br \/>\n-FortiConverter<br \/>\n-FortiDDoS<br \/>\n-FortiDDoS-F<br \/>\n-FortiDeceptor<br \/>\n-FortiEDR Agent<br \/>\n-FortiExtender<br \/>\n-FortiMail<br \/>\n-FortiManager<br \/>\n-FortiNAC<br \/>\n-FortiOS (includes FortiGate &amp; FortiWiFi)<br \/>\n-FortiPresence<br \/>\n-FortiProxy<br \/>\n-FortiRecorder (inlcudes FortiCamera)<br \/>\n-FortiSandbox<br \/>\n-FortiSASE<br \/>\n-FortiSOAR<br \/>\n-FortiSwitch &amp; FortiSwitchManager<br \/>\n-FortiTester<br \/>\n-FortiToken &amp; FortiToken Mobile<br \/>\n-FortiVoice (includes FortiPhone)<br \/>\n-FortiWeb<br \/>\n-FortiWLC<br \/>\n-FortiWLM<br \/>\n-FortiAnalyzer Cloud<br \/>\n-FortiClient Cloud<br \/>\n-FortiExtender Cloud<br \/>\n-FortiGate Cloud<br \/>\n-FortiGSLB Cloud<br \/>\n-FortiLAN Cloud (includes Switch &amp; AP)<br \/>\n-FortiManager Cloud<br \/>\n-FortiPenTest<br \/>\n-FortiPhish Cloud<br \/>\n-FortiToken Cloud<br \/>\n-FortiWeb Cloud<\/td><\/tr><tr class=''><td class=''>Palo Alto Networks<\/td><td class=''>PAN-OS for Panorama is affected in certain versions.<\/td><td class=''>PAN-OS for Panorama is affected in certain versions. Asecus recommends to update to the newest version 10.1 if possible. Hotfixes are still in development. Please note that the vulnerability only affects Panorama. The firewalls are not affected<br \/>\nAffected Versions:<br \/>\n&#8211; 9.0.x<br \/>\n&#8211; 9.1.x<br \/>\n&#8211; 10.0.x<br \/>\nNot affected Versions:<br \/>\n&#8211; 8.1.x.<br \/>\n&#8211; 10.1.x<\/td><\/tr><tr class=''><td class=''>Pentera<\/td><td class=''>Affected<\/td><td class=''>Affected:<br \/>\n&#8211; Pentera up to 5.0.7 is affected (a patch will be available on Monday, December 13 (Version 5.0.8)<\/td><\/tr><tr class=''><td class=''>Proofpoint<\/td><td class=''>Affected<\/td><td class=''>A critical remote code execution vulnerability affecting the popular Java logging package log4j2, CVE-2021-44228, was published on December 10, 2021. The vulnerability is also referred to as Log4Shell. Scanning and exploitation of the vulnerability began shortly after the vulnerability was disclosed.<br \/>\nProofpoint issued an internal advisory for patching all affected production and corporate environments on the day the vulnerability was disclosed. Additionally, we are conducting an internal investigation to determine if there is any impact.<br \/>\nWe are actively monitoring for new disclosures regarding indicators of compromise and attacker tactics, techniques, and protocols. Updates to this notification will be made if there are any significant changes to the available information about the threat and will be available to customers by request.<br \/>\nA patch for PPS is available (patch-0004293) in the meantime.<\/td><\/tr><tr class=''><td class=''>Swivel<\/td><td class=''>Not Affected<\/td><td class=''>Swivel is not using Log4J Version 2.<\/td><\/tr><tr class=''><td class=''>IBM QRadar<\/td><td class=''>Probably Affected<\/td><td class=''>No official communication from IBM is available at this moment.<br \/>\nHowever the two sourced links, make it seem, that QRadars is probably affected<\/td><\/tr><tr class=''><td class=''>SEPPmail<\/td><td class=''>Not Affected<\/td><td class=''>There is no Java installed on Seppmail appliances<\/td><\/tr><\/tbody><\/table><\/div><style type='text\/css'>.avia-table-1 td:nth-of-type(1):before { content: 'Vendor'; } .avia-table-1 td:nth-of-type(2):before { content: 'Latest information'; } .avia-table-1 td:nth-of-type(3):before { content: 'Details'; } <\/style><br \/>\n<div  class='hr av-3x9nsk-c3cc67b474d2d7c34aba9493f398d0c8 hr-default  avia-builder-el-13  el_after_av_table  el_before_av_textblock '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kt2uyagl-1e91ad6cfc4a58dfc98c4b30d4635fb5 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><strong>Vendors &#8211; Detail Information:<\/strong><\/p>\n<p>BlueCat: <a href=\"https:\/\/care.bluecatnetworks.com\/s\/detail\/a8B3r000000PSMgEAO\" target=\"_blank\" rel=\"noopener\">https:\/\/care.bluecatnetworks.com\/s\/detail\/a8B3r000000PSMgEAO<\/a><\/p>\n<p>F5:<a href=\"https:\/\/support.f5.com\/csp\/article\/K19026212\" target=\"_blank\" rel=\"noopener\">https:\/\/support.f5.com\/csp\/article\/K19026212<\/a><\/p>\n<p>ForcePoint: <a href=\"https:\/\/support.forcepoint.com\/s\/article\/Apache-log4j-Zero-Day-RCE-Vulnerability-CVE-2021-44228\" target=\"_blank\" rel=\"noopener\">CVE-2021-44228<\/a> &amp; <a href=\"https:\/\/support.forcepoint.com\/s\/article\/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-NGFW-Security-Management-Center\" target=\"_blank\" rel=\"noopener\">Security-Management-Center<\/a><\/p>\n<p>Fotinet:<a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-245?utm_source=blog&amp;utm_campaign=blog\" target=\"_blank\" rel=\"noopener\"> https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-245?utm_source=blog&amp;utm_campaign=blog<\/a><\/p>\n<p>Palo Alto Networks: <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2021-44228\" target=\"_blank\" rel=\"noopener\">https:\/\/security.paloaltonetworks.com\/CVE-2021-44228<\/a><\/p>\n<p>Proofpoint: <a href=\"https:\/\/proofpointcommunities.force.com\/support\/kAF5Y000000sXwk?srPos=0&amp;srKp=kaF&amp;lang=en_US\" target=\"_blank\" rel=\"noopener\">https:\/\/proofpointcommunities.force.com\/support\/kAF5Y000000sXwk?srPos=0&amp;srKp=kaF&amp;lang=en_US<\/a><\/p>\n<p>IBM QRadar:<a href=\"https:\/\/www.reddit.com\/r\/QRadar\/comments\/rdhzps\/any_mitigations_in_the_works_for_the_log4j\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.reddit.com<\/a> &amp;<a href=\"https:\/\/socradar.io\/what-do-you-know-about-the-log4j-critical-vulnerability-and-what-can-we-do\/\" target=\"_blank\" rel=\"noopener\"> https:\/\/socradar.io\/<\/a><\/p>\n<\/div><\/section><br \/>\n<div  class='hr av-21uj90-1801833cff970b977727c6d61a3033da hr-default  avia-builder-el-15  el_after_av_textblock  avia-builder-el-last '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div><\/div><\/div><\/div><!-- close content main div --><\/div><\/div><div id='after_section_2'  class='main_color av_default_container_wrap container_wrap fullsize'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-full alpha units'><div class='post-entry post-entry-type-page post-entry-7171'><div class='entry-content-wrapper clearfix'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee\">\n#top .hr.hr-invisible.av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee{\nheight:68px;\n}\n<\/style>\n<div  class='hr av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee hr-invisible  avia-builder-el-16  el_after_av_section  el_before_av_textblock  avia-builder-el-first  av-mini-hide'><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p>\n<section  class='av_textblock_section av-kt2uyagl-1e91ad6cfc4a58dfc98c4b30d4635fb5 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>If you have any questions or need our support, do not hesitate to contact us:<\/p>\n<\/div><\/section>\n<section class=\"asecus_hubspot_contact_form_section \"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div id=\"hubspot_form\"><\/div><\/section>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee\">\n#top .hr.hr-invisible.av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee{\nheight:68px;\n}\n<\/style>\n<div  class='hr av-kdinen91-f4a44b1e571f625e89b26160d1aa46ee hr-invisible  avia-builder-el-19  el_after_asecus_hubspot_contact_form  avia-builder-el-last  av-mini-hide'><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Critical Zero-Day Exploit Log4Shell&#8230;<\/p>\n","protected":false},"author":3,"featured_media":7180,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[182],"tags":[134,189],"class_list":["post-7171","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-highlighted-en","tag-news-en"],"_links":{"self":[{"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/posts\/7171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/comments?post=7171"}],"version-history":[{"count":0,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/posts\/7171\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/media\/7180"}],"wp:attachment":[{"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/media?parent=7171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/categories?post=7171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.asecus.ch\/en\/wp-json\/wp\/v2\/tags?post=7171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}