In light of the publicly announced CVE-2021-44228, also known as Log4j, ADS has proactively gathered some resources in an attempt to help guide you through what the potential impact would be to your environments. Log4j is used in many forms of enterprise and open-source software, including cloud platforms, web applications, and email services, meaning that there’s a wide range of software that could be at risk from attempts to exploit the vulnerability.

Below please find a brief listing of known affected applications along with vendor links where the outlined information would assist with performing a self-assessment to determine impact.

Known Affected Applications:

  • Apache Struts
  • Apache Solr
  • Apache Druid
  • Apache Flink
  • ElasticSearch
  • Flume
  • Apache Dubbo
  • Logstash
  • Kafka
  • Spring-Boot-starter-log4j

Partner vendor responses around the vulnerability and potential mitigation steps:

We hope you find these resources helpful. Please reach out to your ADS account manager if you’d like to schedule a technical review of your environment!

Wishing You a Happy & Secure Holiday Season,

Atlantic Data Security



Our Latest Articles

Apple's Zero-Day Vulnerabilities

Threat Mitigation

49ers’ Attacked by Ransomware

Blog Threat Mitigation

Skybox Security Partner of the the Year Award: Press Release

Award

A Year of Breaches

Assessments Blog Threat Mitigation

Atlantic Data Security Log4j Resource Guide

Threat Mitigation

Breaking Down the MITRE ATT&CK Framework

Assessments Award Servers Threat Mitigation
Request a Meeting with Us
Skip to content