Learn about privacy, security, and anonymity with the help of these articles.

How to secure your server for any log4j vulnerabilities

December 21, 2021

In this blog, I will show you how to fast check, If your server could be vulnerable to CVE-2021-44228 (the log4j vulnerability). It does not give a 100% proof, that you are not vulnerable, but it gives a hint if it is possible, that you could be vulnerable.

Download the log4j scanner: https://github.com/rubo77/log4j_checker_beta

Errors:

Be aware, It could give false positives like those of ElasticSearch.

See: https://www.elastic.co/guide/en/elasticsearch/reference/current/release-notes-7.16.1.html

Security Updates:
A high severity vulnerability (CVE-2021-44228) for Apache Log4j 2 versions 2.0 to 2.14 was disclosed publicly on the project’s GitHub on December 9, 2021.

Here is my example of one my servers: