Advanced

Log4j Vulnerability: What You Should Know

Log4Shell demonstrated how a single flaw in a nearly ubiquitous, trusted open-source logging library could put a massive share of the internet's applications, cloud services, and even IoT...

Log4j is a logging framework for Java applications. Developers and security teams log application activity for good reasons: developers use logs for troubleshooting problems, and security analysts use logs to detect anomalies in traffic and behavior. Rather than writing custom logging code from scratch, a development team can pull in Log4j as an open-source, free library and wrap it into their code with minimal effort — it handles the logging plumbing automatically.

The irony is that a bug inside this widely trusted, "responsible coding" library is exactly what introduced one of the most severe vulnerabilities the industry has seen. The flaw discovered in Log4j is now known as Log4Shell. It allows an attacker to send a specially crafted message to a vulnerable application and, as a result of that message simply being logged, have the application execute attacker-controlled code.

Once code execution is achieved, an attacker can pivot from that single vulnerable application to move laterally elsewhere in the organization's network — turning a single logging call into a full remote code execution (RCE) and potential network compromise.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: Understanding the Log4Shell Vulnerability
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.