In Response to the Log4j Vulnerability: Radiflow’s Products are Safe
Dec 13, 2021 | Radiflow team
The newly-reported Log4j vulnerability affects the widely used library Log4j which was created by Apache, the most widely used web server. The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox. It works on every program using the Log4j library. The severity for this vulnerability was marked as critical.
After internal analysis we are able to verify that Radiflow products are not affected by this vulnerability.
Detection and Mitigation
The latest SNORT Package is available for iSID customers, containing signatures for detection of the vulnerability’s exploit attempts in monitored networks.
iSID customers are requested to contact Radiflow support service.
GreyNoise has been publishing a list of IP addresses that have been seen scanning the internet to exploit this vulnerability and is keeping an updated list. These IP addresses should be added to the blocked lists of respective network detection products. Apache has provided a patch (Log4j 2.15.0) to mitigate the vulnerability.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.