{"id":35864,"date":"2022-03-09T14:39:20","date_gmt":"2022-03-09T06:39:20","guid":{"rendered":"https:\/\/greycortex.hk\/?p=35864"},"modified":"2022-03-09T14:42:26","modified_gmt":"2022-03-09T06:42:26","slug":"greycortex-releases-security-update-to-patch-apache-log4j-vulnerability","status":"publish","type":"post","link":"https:\/\/greycortex.hk\/zh\/2022\/03\/09\/greycortex-releases-security-update-to-patch-apache-log4j-vulnerability\/","title":{"rendered":"GREYCORTEX Releases Security Update to Patch Apache Log4j Vulnerability"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"35864\" class=\"elementor elementor-35864\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-2123b5c3 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"2123b5c3\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-61fc7f3c\" data-id=\"61fc7f3c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7031f60c elementor-widget elementor-widget-text-editor\" data-id=\"7031f60c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"anotation\"><span class=\"caps\">GREYCORTEX<\/span>\u00a0is actively responding to the reported high severity vulnerability (<span class=\"caps\">CVE-2021<\/span>\u2009\u2013\u200944228) that was found in the Apache Log4j library. All Mendel installations deployed in the last few years are vulnerable to this vulnerability. The new version, 3.8.0, which will be released in the upcoming days, is not affected and current versions 3.7.x and 3.6.x have now been covered with security updates.<\/p><h3>Background<\/h3><p>A high severity vulnerability (<span class=\"caps\">CVE-2021<\/span>\u2009\u2013\u200944228) impacting multiple versions of the Apache Log4j 2\u00a0utility was disclosed publicly via the project\u2019s GitHub on December 9, 2021. The vulnerability impacts Apache Log4j 2\u00a0versions 2.0 to 2.14.1.<\/p><p>Log4j is used as a\u00a0component of our\u00a0<span class=\"caps\">GREYCORTEX<\/span>\u00a0Mendel product. More information on the vulnerability can be found in the links\u00a0below.<\/p><p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\"><span class=\"caps\">CVE-2021<\/span>\u2009\u2013\u200944228 Detail (<span class=\"caps\">NIST<\/span>)<\/a><\/p><p><a href=\"https:\/\/securelist.com\/cve-2021-44228-vulnerability-in-apache-log4j-library\/105210\/\"><span class=\"caps\">CVE-2021<\/span>\u2009\u2013\u200944228 vulnerability in Apache Log4j library (SecureList)<\/a><\/p><h3>Is my Mendel deployment vulnerable?\u00a0<\/h3><p>All Mendel installations deployed in the last few years are affected by this vulnerability but the vulnerable part of the Mendel deployment is\u00a0<span class=\"caps\">NOT<\/span>\u00a0exposed to a\u00a0direct Internet connection.<\/p><h3>What can I\u00a0do to mitigate and resolve this\u00a0issue?<\/h3><p><span class=\"caps\">GREYCORTEX<\/span>\u00a0has actively responded to the reported remote code execution vulnerability in the Apache Log4j 2\u00a0Java library, dubbed Log4Shell (or LogJam). We have investigated and taken action regarding our product\u00a0<span class=\"caps\">GREYCORTEX<\/span>\u00a0Mendel. The new version 3.8.0, which will be released in the upcoming days, is not affected and current versions 3.7.x and 3.6.x are now covered with security updates, which are automatically distributed through the update server.<\/p><p>Older systems will not be patched, customers who are using older versions are strongly advised to upgrade.<\/p><p>Mitigations: if you are not able to upgrade to the newer version or your Mendel instance does not have access to the update server, then please restrict access to Mendel via your firewall settings. It is recommended to restrict access only to a\u00a0trustworthy\u00a0<span class=\"caps\">IP<\/span>\u00a0address range, also for normal operations.<\/p><h3>How can I\u00a0find out if my Mendel system or other systems of our customers have been compromised?<\/h3><p>Mendel includes a\u00a0set of detection rules that can detect whether a\u00a0vulnerability in the Apache Log4j logging framework has been exploited to attack the Mendel system itself or other systems in your infrastructure. These rules are automatically available through the\u00a0<span class=\"caps\">GREYCORTEX<\/span>\u00a0update server. If your Mendel instance or your customer instance is online, these signatures will be added to it automatically.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>GREYCORTEX\u00a0is actively responding to the reported high severity vulnerability (CVE-2021\u2009\u2013\u200944228) that was found in the Apache Log4j library. All Mendel installations deployed in the last few years are vulnerable to this vulnerability. The new version, 3.8.0, which will be released in the upcoming days, is not affected and current versions 3.7.x and 3.6.x have now [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[28,20,21],"tags":[27,22],"class_list":["post-35864","post","type-post","status-publish","format-standard","hentry","category-28","category-greycortex","category-press-release","tag-27","tag-greycortex"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/paZ0Rf-9ks","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/posts\/35864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/comments?post=35864"}],"version-history":[{"count":2,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/posts\/35864\/revisions"}],"predecessor-version":[{"id":35866,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/posts\/35864\/revisions\/35866"}],"wp:attachment":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/media?parent=35864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/categories?post=35864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/tags?post=35864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}