Tenable Solution CenterLatest Research and Insights on Cve-2021-44228 Aka Log4shell
As organizations around the world scramble to address the critical Log4j vulnerability, known as Log4Shell, the number one question on every security leader’s mind is: How do I know if I have this out there?
The sheer ubiquity of Apache Log4j, an open-source logging framework, makes this a particularly challenging question to answer. Not only do many organizations use Log4j in their own source code, it’s also used in many of the products these organizations acquire from third parties.
Organizations around the world will be dealing with the long-tail consequences of this vulnerability, known as Log4Shell, for years to come. We’re dedicated to supporting our customers and the broader security community through this challenging time, and have put together some resources to help you find and fix CVE-2021-44228.
A Fukushima Moment
By Renaud Deraison,former CTO and Founder
The discovery of a critical flaw in the Apache Log4j software is nothing short of a Fukushima moment for the cybersecurity industry.
Ten years ago, an earthquake and subsequent tidal wave triggered the meltdown of the Fukushima nuclear power plant that continues to plague the region today. Similarly, the early exploitation of Log4j, during which attackers will go after the low-hanging fruit exposed by the vulnerability, will evolve over time to take the form of more complex attacks on more sensitive systems that have less exposure to the internet.
Research
The Tenable research team is working around the clock to bring you the latest information on CVE-2021-44228 and how attackers are taking advantage of the flaw.
- Log4Shell FAQs
- White Paper: Log4Shell & Active Directory: The Five Routes to Domain Dominance
- Blog | One in 10 Assets Assessed Are Vulnerable to Log4Shell
- Blog | CVE-2021-44228, CVE-2021-45046, CVE-2021-4104: Frequently Asked Questions About Log4Shell and Associated Vulnerabilities
- Blog | CVE-2021-44228: Proof-of-Concept for Critical Apache Log4j Remote Code Execution Vulnerability Available (Log4Shell)
- Blog | Apache Log4j Flaw Puts Third-Party Software in the Spotlight
- Blog | Log4Shell: 5 Steps The OT Community Should Take Right Now
- KB | Latest Plugins Associated with Log4Shell
- KB | Log4Shell Frequently Asked Questions
- KB | Using plugin 155998 from Tenable Core + Nessus
- KB | Overview of Callbacks in Log4Shell Remote Detection Plugins
- KB | Tenable Log4Shell Scan Templates Overview
- KB | Detailed information on the six NASL plugins and one WAS plugin to detect Log4Shock
- KB | Overview of callbacks in Log4j Remote Detection Plugins
On Demand Webinars
• Vulnerability Alert | Responding to Log4Shell in Apache Log4J (NA)
• Vulnerability Alert | Responding to Log4Shell in Apache Log4J (EMEA)
• Vulnerabilidad log4j: Demostración y Recomendaciones
Product Education
Find out the latest guidance on how to leverage Tenable’s full portfolio, from Nessus Essentials to Tenable Vulnerability Management, to identify where you are vulnerable to Log4Shell.
- Video | Using Tenable Vulnerability Management to detect CVE-2021-44228
- Video | Using Tenable Security Center to detect CVE-2021-44228
- Video | Using Tenable Web App Scanning to detect CVE-2021-44228
- Video | Using Tenable Nessus to detect CVE-2021-44228
- Video | Discovering Log4Shell (CVE-2021-44228) vulnerabilities: Tenable OT Security
- Community | Visit the Log4Shell group on the Tenable community to find further resources on how to secure every attack path against attackers leveraging CVE-2021-44228
On Demand Webinars
• How-To Scan for Log4Shell with Tenable Security Center
• How-To Scan for Log4Shell with Tenable Vulnerability Management
• How-To Scan for Log4Shell with Tenable Nessus Professional
Statement Regarding Log4j
Bob Huber, CISO TenableSome of you have asked whether Tenable is vulnerable to the Apache Log4j Remote Code Execution Vulnerability. No, none of Tenable’s products are running the version of Log4j vulnerable to CVE-2021-44228 or CVE-2021-45046 at this time.
Consistent with our cybersecurity practices, we have actioned all indicators of compromise, artifacts and updated our detections and protections related to this activity. In addition, we are closely monitoring our own software development practices.
Furthermore, the security and availability of our systems, products and customer and partner data are of the utmost importance to us. Tenable has implemented a robust information security management system with a specific focus on providing secure products and services for employees, customers and partners.
As part of our secure software development lifecycle (SSDLC) and quality processes, Tenable performs peer code reviews of all source code, static application security testing, dynamic application security testing, container security scans, third party dependency reviews and vulnerability scans.
We remain deeply committed to the security and protection of our customers, our products and the broader community.