• 2021-44228

• Dec 10, 2021

• Critical

Recently, a zero-day vulnerability (CVE-2021-44228) was discovered in the popular Apache Log4j logging library, which could allow an attacker full remote code execution. There is evidence that this vulnerability is being exploited in the wild. This logging library is commonly used by enterprise apps and cloud services, with many enterprise deployments supporting private apps. Apache has since released a security update, and provided recommended configurations for earlier versions that mitigates the vulnerability’s impact, and we strongly encourage all IT admins to update their software immediately if you haven’t already done so.

Zscaler has confirmed no impact to its services from the CVE-2021-44228 vulnerability.

Security researchers at Alibaba Cloud discovered a zero-day vulnerability, meaning without an emergency security update, every customer running a vulnerable version is at risk. Not only this, but the vulnerability allows full remote code execution, allowing full administrator access to the underlying Apache service and all data within it. In order to exploit this vulnerability, an attacker must first find the app itself. To stop attackers from doing so:

• Minimize your attack surface and  make apps invisible
• Minimize your attack surface and make apps invisible
• Ensure only authorized users can access apps
• Prevent lateral movement with user-to-app and app-to-app microsegmentation
• Inspect both inbound and outbound traffic.

If you want to protect your enterprise from zero-day vulnerabilities, retire your firewalls and VPNs and embrace a true zero trust architecture with the Zscaler Zero Trust Exchange.