Go to All Forums

Identify Log4j vulnerability in your applications using our APM Insight Java agent

On December 9, 2021, a new critical vulnerability CVE-2021-4422, also known as Log4Shell, was discovered in the popular Java logging library Log4j versions 2.0 to 2.14.1 that permits remote code execution (RCE), allowing attackers to execute arbitrary code on the host.

How vulnerable are your applications?

This vulnerability provides the loophole for attackers to execute codes remotely on any target computer that runs Log4j. It has also affected a few businesses by giving attackers the ability to hack systems, steal data, and install malware.

How does Site24x7 help businesses protect themselves?

Site24x7's top priority remains the security of our clients and products. In light of the recently discovered Log4j vulnerability (CVE-2021-44228), we have released a new version of APM Insight Java Agent that will detect if your application contains the Log4j vulnerability and notify you if so.

To avoid CVE 2021-44228 in your application, it is recommended that you update your Log4j library version to 2.17 or higher.

Here's a quick look at how we detect and alert you if your application is vulnerable to Log4j.

Log4j vulnerability notification in APM Insight Java agent

Not using Site24x7 yet? You can sign up now for a free, 30-day trial.

Java Agent installation

  1. Download and install the latest version of the Site24x7 APM Insight Java Agent based on the application server being used.
  2. Once the agent is installed, you can view the application monitor under APM > APM Insight > Applications.

Install this agent and test your applications for Log4j vulnerabilities. Fix them quickly to maintain a secure IT environment. Please leave your feedback in the comments section below.


Regards,
The Site24x7 team

 

Like (1) Reply
Replies (2)

Re: Identify Log4j vulnerability in your applications using our APM Insight Java agent

This is very helpful!

And it would be even better if it finds the current spring4shell vulnerabilities.

Challenge accepted? ;)

Regards, Torsten

Like (0) Edit Delete Reply

Re: Re: Identify Log4j vulnerability in your applications using our APM Insight Java agent

Thank you, Torsten.

Yes, we are also working on detecting Spring4shell vulnerabilities using our APM Insight Java agent. Soon, you'll be able to see the same in our product:)

We will keep you posted in this thread.

 

Regards,
Priya
Site24x7 Team

Like (0) Reply

Was this post helpful?