# Zero-Day CVE-2021-44228 (Log4J Java Library)
Details: [https://cubetiq.atlassian.net/browse/CERT-1](https://cubetiq.atlassian.net/browse/CERT-1)

***Resolved***
```text
Upgrade log4j to version: 2.15.0
```

### Spring Boot
##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)
```kts
allprojects {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    ext["log4j2.version"] = "2.15.0"
}
```

##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)
```kts
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
implementation(platform("org.apache.logging.log4j:log4j-bom:2.15.0"))
```
***Or***
```kts
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
ext["log4j2.version"] = "2.15.0"
```

##### Gradle DSL (build.gradle) (Gradle Multiple Modules)
```gradle
allprojects {
    ext {
        // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
        set('log4j2.version', '2.15.0')
    }
}
```
***Or***
```kts
ext {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    set('log4j2.version', '2.15.0')
}
```

# Check vulnerabilities in Nginx Web Server
```bash
sudo cat /var/log/nginx/access.log | grep '${jndi:'
```

### Blacklist IP Addresses
```
62.210.130.250
45.155.205.233
45.137.21.9
75.76.121.218
```