We have developed an IPS signature, Apache.Log4j.Error.Log.Remote.Code.Execution, with VID 51006 to address this threat. This signature has been released in IPS package (version 19.215). Please note that this is an emergency release, so the default action for this signature is set to pass at the moment. If you want this blocked, please change the action in the IPS profile.
For protection against this vulnerability, make sure that the IPS definition version is the one above. You can verify in System > FortiGuard, where you can also trigger an automated update. Once updated, alter the ips profile and change the action for this signature to block.
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -