A vulnerability affecting the Java Apache Log Library was released on December 10th 'Log4j 2', a tool developed by the Apache Foundation that helps software developers write log messages whose purpose is to record a particular transaction at runtime. In addition, Log4j allows you to filter messages by importance.
'Log4j 2' is a very common registration system used by web application developers and servers based on Java and other programming languages. Consequently the vulnerability affects a wide range of services and applications, including business applications and cloud services.
The danger posed by this vulnerability is that one attacker can explode-sending a malicious code that will end up being logged by Log4j and give the attacker access to the system, which will be able to run code remotely.
Actions
The CCN-CERT issued an alert on December 10 with an indicator of critical level of danger, after the vulnerability became known when it was reported by a cybersecurity engineer on github on December 9, with several waves of recommendations on December 10 and 13.
To take the verification, containment and eradication measures that are considered appropriate, the Catalan Cybersecurity Agency offers a series of recommendations that are included in the Cybersecurity Bulletin “Log4J Vulnerabilities”.
The SGAD, in relation to its own systems, has identified affected systems and applications and adopted priority mitigation measures, updates and configuration adjustments. The SGAD has addressed the COCS-CDTIC contacts calling for the application of the recommendations indicated by CCN-CERT to mitigate the vulnerability and for the SGAD to be informed of the actions taken.
