December 2021

How to protect my cloud workloads (Log4Shell)

Log4shell, how to protect my cloud workloads

Update 22/12: 2 new vulnerabilities have been identify. Those vulnerabilities are also impacting the initial patchs (2.15.0 and 2.16.0): CVE-2021-45105 : Risk of Denial of Service (DOS) CVE-2021-45046 : Risk of information leak and remote code execution in some environments and local code execution in all environments Update 22/12: Updated table assessing the risks at

Log4shell, how to protect my cloud workloads Read More »

Log4j Vulnerability

Log4j vulnerability (CVE-2021-44228)

On December 10th, a group of security researchers published a security notice regarding a vulnerability in Log4j. Log4j is a library commonly used in Java environment to manage logging. Log4j versions 2.0 to 2.14.1 are affected by a vulnerability that may lead to remote code execution (RCE). Older versions of Log4j (1.X) might also be

Log4j vulnerability (CVE-2021-44228) Read More »