Help
FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
ck_FTNT
Staff
Staff

Created on ‎12-21-2021 09:05 PM Edited on ‎12-22-2021 11:01 AM By Anonymous

Article Id 201693

Technical Tip: Using FortiADC to detect and block activities related to exploits of Apache Log4j2 vulnerability

 

Description

 This article describes the WAF signatures in FortiADC which can be used to detect and block attack attempts to exploit a Remote Code Execution Vulnerability in Apache Log4j2. This signature covers vulnerabilities CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105.
Scope FortiADC v6.0 and later.
Solution

Update WAF signature and ensure the WAF signatures are 1.00030 or later.

 

The signature version can be verified by navigating to System > FortiGuard > FortiGuard Services.

ck_FTNT_0-1640199374275.png

 

 

For more information about this attack, see the following FortiGuard Outbreak Alert

FortiGuard Outbreak Alert - Log4j2 Vulnerability

341
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.