Vulnerability Management
Dec 16, 2021

Log4Shell – Do you know what you don’t know?

Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is uniquely insidious because it infects servers which are traditionally well insulated from attacks, perceived as unreachable by intruders, and not at risk for CVEs. Log4Shell is an […]

Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is uniquely insidious because it infects servers which are traditionally well insulated from attacks, perceived as unreachable by intruders, and not at risk for CVEs. Log4Shell is an entirely different can of worms that proves this assumption wrong.


Using simple text-based chats, Log4Shell essentially gives bad actors the keys to your kingdom by enabling them to download anything web accessible and gain ACE (arbitrary code execution) privileges. At that point, Java reads the log entry as a command and executes it, empowering bad actors to download anything that is network accessible from the infected host.


You’ve probably updated your software and even investigated the vendors you think may have been vulnerable. That means that your network is safe today, but how do you know what was previously at risk? Without historical snapshots and diffing capabilities, you don’t. And that means you may actually still be exposed.

Identify Log4Shell Exposure In Seconds 

READ THE FORWARD USE CASE


Forward Networks customers are not guessing – they are using Forward Enterprise to verify if all hosts, including the ones potentially breached, can communicate with the Internet. Consequently, those hosts that are Internet accessible are the ones that need to be immediately looked at and remediated. Using the blast radius feature, Forward customers can determine in seconds where in the infrastructure compromised end-hosts can and could have reached. Additionally, the network snapshots collected over time provide the necessary data to identify all devices that may have been previously infected or communicated with an infected host.


Forward Networks does not use Log4j in our shipping software (including past versions). If you are a Forward Networks customer and have additional questions, please contact your Customer Support Architect or email support@forwardnetworks.com.

Do you have any comments for us? Share them on social media

Fabrizio Maccioni

Fabrizio Maccioni is the Director of Technical Marketing at Forward Networks. Fabrizio focuses on Network Device Programmability, Automation, and Application Hosting.

Subscribe to our newsletter

Make sure you don't miss a post by signing up here for our monthly 'Moving Forward' newsletter

Related Posts

Browse all posts
Top cross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram