4-Steps Protection To Mitigate Log4j CVE Vulnerability | Fix Log4Shell

There are generally three Log4j, aka log4shell designated CVE-2021-44228 by MITRE, vulnerability mitigation plans that can be considered implementing as soon as possible to protect systems and applications from this Log4j vulnerability:

  • Shield all of your applications
  • Patch Log4j libraries
  • Turn off the vulnerable capabilities

Mitigating log4j vulnerability plan #1: Shield all of your applications

Mitigating log4j vulnerability plan #2: Patch Log4j libraries

Mitigating log4j vulnerability plan #3:Turn off the vulnerable capabilities

Mitigating log4j vulnerability plan #4: Identifying Log4j vulnerable Application systems

How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046)

  1. Get Log4Shell or log4j information
  2. Analyze and assess in case your application have been impacted by Log4Shell
  3. Mitigate log4j

Get log4j(log4shell) information

  • Assess if application have been impacted by Log4j (log4shell)
  • Implement log4j mitigation plan

    Run log4shell Scanner

    disable the use of JNDI message lookups

    on-the-fly Hotpatching using a Java agent

    Leave a Comment

    Your email address will not be published.

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Scroll to Top