Log4Shell Vulnerability: CVE-2021-44228 FAQs and Resources
Discover up-to-date information, tools, and assistance to help you get a handle on the Log4Shell vulnerability
What is Log4Shell?
Log4j2 is a ubiquitous library used by millions for Java applications. Created by Ceki Gülcü, the library is part of the Apache Software Foundation’s Apache Logging Services project.
What is Log4Shell Vulnerability: CVE-2021-44228?
An exploit for a critical zero-day vulnerability affecting Apache Log4j2, known as Log4Shell, was disclosed on December 9, 2021. All Log4j2 versions >= 2.0-beta9 and <= 2.15.0 are affected by this vulnerability. This vulnerability is actively being exploited in the wild.
The vulnerability, when exploited, results in remote code execution on the vulnerable server with system-level privileges. As a result, it is rated at a CVSS v3 score of 10.0.
- Video: How to Run a Log4Shell Vulnerability Scan
- Video: Qualys Web Application Scanning Log4Shell Detection
- Webinar: Live Demonstration: Effectively Detect and Remediate Log4Shell (Jan 4, 2022)
Latest Updates
January 14, 2022 3:00 PM ET
January 11, 2022 2:00 PM ET
December 29, 2021 3:00 PM ET
- New QIDs to address CVE-2021-44832 were released on December 29, 2021, at 3 PM ET with VULNSIGS-2.5.366-2 or later. Please review Qualys KB for CVE-2021-44832 to find all QIDs for this CVE.
December 22, 2021 7:53 PM ET
- A bug in external scanners could result in false negatives when unauthenticated Log4Shell scans were run with external scanners. This issue is now resolved, and the fix will be rolled out by 11 PM ET today.
December 22, 2021 5:55 AM ET
- Added information about a new rule and dashboard in CSAM to quickly identify vulnerable software and hosts.
December 20, 2021 1:00 PM ET
- Qualys is aware of false negatives for QIDs 376160, 376195 and 376193. These QIDs read the file generated by the Qualys Log4j Scan Utility. Signatures addressing the false negatives were released at 1 PM ET on Dec 20th and are part of VULNSIGS-2.5.359-3 or later.
December 18, 2021 9:00 PM ET
- Two new QIDs (376194, 376195) to address CVE-2021-45105 (Log4j < 2.17) were released at 9 PM ET on Dec 18th. They are part of VULNSIGS-2.5.357-9 or later.
Log4Shell Vulnerability Resources
- CVE-2021-44228: Apache Log4j2 Zero-Day Exploited in the Wild (Log4Shell) Read the blog
- Live Demonstration: Effectively Detect and Remediate Log4Shell (Dec 28, 2021) Watch the webinar
- Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation Read the blog
- How to Discover Log4Shell Vulnerabilities in Running Containers & Images Read the blog
- 5 Ways to Quickly Detect a Log4Shell Exploit in Your Environment Read the blog
- Is Your Web Application Exploitable By Log4Shell (CVE-2021-44228) Vulnerability? Read the blog
- Qualys' Response to the Log4Shell Vulnerability (Dec 20, 2021) Watch the webinar
- Qualys' Response to the Log4Shell Vulnerability (Dec 13, 2021) Watch the webinar
- Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR Read the blog
- Out-of-Band Detection for Log4Shell Read the blog
- Quickly Locate Log4Shell Vulnerabilities with Qualys Web Application Scanning Watch the webinar
- Log4j Vulnerability Scanner for Windows Get the script
- Log4j Vulnerability Scanner for Linux Get the script
- Detect Exploitation Attempts With Qualys XDR (Beta) Read the blog
Detect, Protect, and Respond to Log4Shell exploits with Qualys applications
CyberSecurity Asset Management
Find and manage cybersecurity risks in IT assets. Qualys CSAM continuously inventories assets, applies business criticality and risk context, detects security gaps, and responds with appropriate actions to mitigate risk.
Endpoint Detection and Response
Accurately detect and respond to attacks across all endpoints. Qualys Multi-Vector EDR brings a new multi-vector approach to EDR, providing vital context and full visibility into the entire attack chain – from prevention to detection to response.
Patch Management
Streamline and accelerate vulnerability remediation for all your IT assets. Qualys Patch Management automatically correlates vulnerabilities to patch deployments so you can remediate quickly, proactively, and consistently.
Enterprise TruRisk Platform Status
We are continuously monitoring all our environments for any indication of active threats and exploits. With these measures, we are confident that necessary mitigations and remediation are in place to block and prevent any exploits of Log4j RCE and there is no impact on Qualys scanners, Cloud Agent, systems or customer data. We will continue to monitor our environment round the clock and implement additional measures as required.