CVE-2021-44228.md

Zero-Day CVE-2021-44228 (Log4J Java Library)

Details: https://cubetiq.atlassian.net/browse/CERT-1

Resolved

Upgrade log4j to version: 2.15.0

Spring Boot

Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)

allprojects {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    ext["log4j2.version"] = "2.15.0"
}

Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)

// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
implementation(platform("org.apache.logging.log4j:log4j-bom:2.15.0"))

Or

// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
ext["log4j2.version"] = "2.15.0"

Gradle DSL (build.gradle) (Gradle Multiple Modules)

allprojects {
    ext {
        // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
        set('log4j2.version', '2.15.0')
    }
}

Or

ext {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    set('log4j2.version', '2.15.0')
}

Check vulnerabilities in Nginx Web Server

sudo cat /var/log/nginx/access.log | grep '${jndi:'

Blacklist IP Addresses

62.210.130.250
45.155.205.233
45.137.21.9
75.76.121.218
167.99.80.0/20
104.248.48.0/20
163.172.157.143
172.111.48.30
45.130.229.168
167.71.0.0/20
193.3.19.159
45.83.64.1
167.172.44.255
45.83.193.150
195.54.160.149
167.99.32.139
159.65.216.0/21
157.245.96.0/20
115.144.122.0/24
192.241.192.0/19
195.54.160.0/23
66.240.192.0/18
209.141.32.0/19
136.144.41.0/24
198.98.48.0/20
192.35.168.0/23
134.209.80.0/20
185.189.182.0/24
49.143.32.0/24
177.75.208.0/20
185.224.139.151
31.131.16.127