2021-12-11 13:13:16 +07:00
|
|
|
# Zero-Day CVE-2021-44228 (Log4J Java Library)
|
2021-12-11 10:33:33 +07:00
|
|
|
Details: [https://cubetiq.atlassian.net/browse/CERT-1](https://cubetiq.atlassian.net/browse/CERT-1)
|
|
|
|
|
|
|
|
***Resolved***
|
|
|
|
```text
|
|
|
|
Upgrade log4j to version: 2.15.0
|
|
|
|
```
|
|
|
|
|
|
|
|
### Spring Boot
|
|
|
|
##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)
|
|
|
|
```kts
|
|
|
|
allprojects {
|
2021-12-11 13:13:16 +07:00
|
|
|
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
|
2021-12-11 10:33:33 +07:00
|
|
|
ext["log4j2.version"] = "2.15.0"
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)
|
|
|
|
```kts
|
2021-12-11 13:13:16 +07:00
|
|
|
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
|
2021-12-11 10:33:33 +07:00
|
|
|
implementation(platform("org.apache.logging.log4j:log4j-bom:2.15.0"))
|
|
|
|
```
|
|
|
|
***Or***
|
|
|
|
```kts
|
2021-12-11 13:13:16 +07:00
|
|
|
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
|
2021-12-11 10:33:33 +07:00
|
|
|
ext["log4j2.version"] = "2.15.0"
|
|
|
|
```
|
|
|
|
|
|
|
|
##### Gradle DSL (build.gradle) (Gradle Multiple Modules)
|
|
|
|
```gradle
|
|
|
|
allprojects {
|
|
|
|
ext {
|
2021-12-11 13:13:16 +07:00
|
|
|
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
|
2021-12-11 10:33:33 +07:00
|
|
|
set('log4j2.version', '2.15.0')
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
***Or***
|
|
|
|
```kts
|
|
|
|
ext {
|
2021-12-11 13:13:16 +07:00
|
|
|
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
|
2021-12-11 10:33:33 +07:00
|
|
|
set('log4j2.version', '2.15.0')
|
|
|
|
}
|
|
|
|
```
|
2021-12-11 10:40:59 +07:00
|
|
|
|
|
|
|
# Check vulnerabilities in Nginx Web Server
|
|
|
|
```bash
|
|
|
|
sudo cat /var/log/nginx/access.log | grep '${jndi:'
|
|
|
|
```
|
2021-12-11 13:55:00 +07:00
|
|
|
|
|
|
|
### Blacklist IP Addresses
|
|
|
|
```
|
|
|
|
62.210.130.250
|
|
|
|
45.155.205.233
|
|
|
|
45.137.21.9
|
|
|
|
75.76.121.218
|
2021-12-13 08:28:35 +07:00
|
|
|
167.99.80.0/20
|
|
|
|
104.248.48.0/20
|
|
|
|
163.172.157.143
|
|
|
|
172.111.48.30
|
|
|
|
45.130.229.168
|
|
|
|
167.71.0.0/20
|
2021-12-13 14:07:58 +07:00
|
|
|
193.3.19.159
|
|
|
|
45.83.64.1
|
2021-12-11 13:55:00 +07:00
|
|
|
```
|