Update on new DoS security issue in Log4j (CVE-2021-45105)
A new Log4j attack vector can potentially lead to the Denial of Service attack and the application crash. CVE-2021-45105 has been issued (the severity for this is classified as High - 7.5).
- Wallarm Research Team has already verified that the Wallarm attack engine can detect CVE-2021-45105 exploits.
- Attempts at exploitation will be automatically blocked in a blocking mode. When working in a monitoring mode, consider creating a virtual patch
- A new fixed version of Log4j (2.17) has been published by Apache. Upgrades are highly recommended.