Polonious is not affected by the log4j vulnerability

Polonious is not affected by the log4j vulnerability

A zero-day exploit for Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that can result in remote code execution.

The Polonious team immediately started an assessment of our code base and can confirm that the Polonious system is not affected by this vulnerability.

TL;DR

We have scanned our source code and no references to the class org/apache/logging/log4j/core/lookup/JndiLookup.class which introduced the vulnerabiliy was found.

We also confirmed that we are not including the library log4j-core (where above class is included) in our source code.

Some newer components of Polonious use the log4j-api library with an underlying implementation of Logback, which is not affected by this vulnerability.

Additionally all KNOX-grade Polonious clients have Cloudflare Web Application Firewall to stop any attempts to exploit this vulnerability. See this blog for further details.

Our SIEM solution Cyflare also supports detection of any exploits for additional peace of mind.

Security is of utmost importance at Polonious and we do everything to keep your data safe.

If you have any further questions, don’t hesitate to reach out to our support team.

 

SIU Insights report 2021How do you compare to other SIUs?

Check out some interesting results from our SIU management survey. Submit below form to receive the download link and related updates going forward.

GICOP changes 2021Download the GICOP whitepaper and stay compliant.

Our whitepaper covers all aspects you need to know to stay compliant with the latest GICOP changes coming into effect in 2021. Submit below form to receive the download link and related updates going forward.