Apache Log4j Vulnerabilities

181214

Micro Focus Micro Focus Community

App Support Tiers

MICRO FOCUS SUPPORTED

Support via Micro Focus Software Support, with a ticket filed against the associated product.

PARTNER

Micro Focus offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by Micro Focus of the Micro Focus community.

MICRO FOCUS COMMUNITY

Micro Focus Community Content is provided by Micro Focus for the benefit of customers, support for it is not available via Micro Focus Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by Micro Focus customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "CyberRes Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official Micro Focus/CyberRes product releases. Micro Focus has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. Micro Focus strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

Micro Focus | Micro Focus Community

Content to detect and monitor the Apache Log4j RCE vulnerability identified as CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-4104 leveraging current release of ArcSight ESM, Logger, and Recon.

704 downloads

Description

You can leverage the current release of ArcSight ESM, Logger, and Recon to detect and monitor the Apache Log4j RCE vulnerabilities. This vulnerability can allow an attacker to execute arbitrary code by sending crafted log messages.

In the release 1.0.1.0, the Apache_Log4j_Vulnerabilities1.0.1.0 patch has updated searches in Logger/Recon and rules in ESM to support the following CVEs

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104