Network Protection: Firewall, NAT, QoS, & IPS detect CVE-2021-44228 log4j

UTM Firewall requires membership for participation - click to join

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

detect CVE-2021-44228 log4j

Daniel Wittich over 3 years ago

Would ATP detect requests trying to exploit CVE-2021-44228 log4j?

The exploit could come via any request cotaining the string "${jndi"

This thread was automatically locked due to age.

Top Replies

SWeissflog over 3 years ago in reply to StephanG +2

Not vulnerable www.sophos.com/.../sophos-sa-20211210-log4j-rce

Parents

Amodin over 3 years ago

Astaro IPS Rules

I would keep the list URL around so you can check back regularly.

Some of you guys I think sit on CVE and refresh that site just to grab a new CVE to post it, lol. This was like... less than five days ago published.

XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | GB Ethernet x5
Cancel
Vote Up +1 Vote Down

Cancel

Reply

Amodin over 3 years ago

Astaro IPS Rules

I would keep the list URL around so you can check back regularly.

Some of you guys I think sit on CVE and refresh that site just to grab a new CVE to post it, lol. This was like... less than five days ago published.

XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | GB Ethernet x5
Cancel
Vote Up +1 Vote Down

Cancel

Children

Daniel Wittich over 3 years ago in reply to Amodin

I didnt know the list. verrrry useful. thanks!
Cancel
Vote Up 0 Vote Down

Cancel
StephanG over 3 years ago in reply to Daniel Wittich

More important - is the Sophos UTM itself affected?
Cancel
Vote Up +1 Vote Down

Cancel
SWeissflog over 3 years ago in reply to StephanG

Not vulnerable

www.sophos.com/.../sophos-sa-20211210-log4j-rce
Cancel
Vote Up +2 Vote Down

Cancel