{"id":2652,"date":"2023-10-04T14:30:37","date_gmt":"2023-10-04T14:30:37","guid":{"rendered":"http:\/\/172.105.17.27\/?p=2652"},"modified":"2023-10-05T13:26:29","modified_gmt":"2023-10-05T13:26:29","slug":"log4j-vulnerability","status":"publish","type":"post","link":"https:\/\/www.blesk.ca\/fr\/2023\/10\/04\/log4j-vulnerability\/","title":{"rendered":"Log4j Vulnerability"},"content":{"rendered":"<div class=\"fusion-fullwidth fullwidth-box fusion-builder-row-1 fusion-flex-container nonhundred-percent-fullwidth non-hundred-percent-height-scrolling\" style=\"--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;\" ><div class=\"fusion-builder-row fusion-row fusion-flex-align-items-flex-start fusion-flex-content-wrap\" style=\"max-width:1310.4px;margin-left: calc(-4% \/ 2 );margin-right: calc(-4% \/ 2 );\"><div class=\"fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-flex-column\" style=\"--awb-bg-blend:overlay;--awb-bg-size:cover;--awb-width-large:100%;--awb-margin-top-large:0px;--awb-spacing-right-large:1.92%;--awb-margin-bottom-large:0px;--awb-spacing-left-large:1.92%;--awb-width-medium:100%;--awb-spacing-right-medium:1.92%;--awb-spacing-left-medium:1.92%;--awb-width-small:100%;--awb-spacing-right-small:1.92%;--awb-spacing-left-small:1.92%;\"><div class=\"fusion-column-wrapper fusion-flex-justify-content-flex-start fusion-content-layout-column\"><div class=\"fusion-text fusion-text-1 fusion-text-no-margin\" style=\"--awb-font-size:19px;--awb-line-height:1.8em;--awb-margin-bottom:50px;\"><p>A vulnerability with the Java Log4j extension was announced this weekend.<\/p>\n<p>Log4j is a Java-based logging audit framework used by bl\u00ebsk for the Event Log Manager (ELM) application.<\/p>\n<p>This critical flaw (Level 10 on a scale of 10), affects the majority of large companies offering web solutions and\/or having a web infrastructure or being accessible through the web are affected.<\/p>\n<p>The vulnerability number is <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-44228<\/a>.<\/p>\n<p>There are also alternatives to mitigate the behavior of the vulnerability on bl\u00ebsk that follows.<\/p>\n<p>1 \u2013 In CLI with the superuser \u201croot\u201d, edit the file \/etc\/logstash\/log4j2.properties<\/p>\n<p>2 \u2013 Add to the end of this file the following line: log4j2.formatMsgNoLookups = true<\/p>\n<p>3 \u2013 Restart the service with the following command: \/etc\/init.d\/logstash restart<\/p>\n<p>Feel free to contact bl\u00ebsk support if you have any questions.<\/p>\n<\/div><\/div><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>A vulnerability with the Java Log4j extension was announced this weekend.<br \/>\nLog4j is a Java-based logging audit framework used by bl\u00ebsk for the Event Log Manager (ELM) application.<\/p>","protected":false},"author":2,"featured_media":2653,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-2652","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blesk-tech-talk"],"_links":{"self":[{"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/posts\/2652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/comments?post=2652"}],"version-history":[{"count":5,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/posts\/2652\/revisions"}],"predecessor-version":[{"id":2708,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/posts\/2652\/revisions\/2708"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/media\/2653"}],"wp:attachment":[{"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/media?parent=2652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/categories?post=2652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.blesk.ca\/fr\/wp-json\/wp\/v2\/tags?post=2652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}