You can leverage the current release of ArcSight ESM, Logger, and Recon to detect and monitor the Apache Log4j RCE vulnerabilities. This vulnerability can allow an attacker to execute arbitrary code by sending crafted log messages.
In the release 1.0.1.0, the Apache_Log4j_Vulnerabilities1.0.1.0 patch has updated searches in Logger/Recon and rules in ESM to support the following CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
ESM 7.2 and above
Logger 7.0 and above
Recon 1.2 and above
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
The Apache_Log4j_Vulnerabilities1.0.1.0 patch has updated searches in Logger/Recon and rules in ESM to support the following CVEs
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
CVE-2021-4104
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox