Environment
- App Control Server: All Supported Versions
- EDR Server: 7.3.0 to 7.6.0
- Hosted EDR: 7.6.0
- Carbon Black Cloud: All Supported Versions
Question
Where can I find information on CVE-2021-44228 (Log4Shell - Log4j Remote Code Execution) and subsequent CVE-2021-45046, CVE-2021-45105, CVE-2021-44832?
Answer
Additional Notes
- EDR
- EDR sensors do not use Log4j and are therefore not affected.
- Are there threat intel feeds for EDR? EEDR and EDR: Are There Threat Intel Feeds for CVE-2021-44228 (Log4j)?
- Hosted EDR has been fixed
- 12/23 JNDLookup class was removed from 2.17.0 and covers CVE-2021-44832
- 12/23 updated Log4j to 2.17.0 to cover CVE-2021-45105
- 12/15 added mitigation to cover CVE-2021-45046
- 12/11 added mitigation to cover CVE-2021-44228
- App Control
- Carbon Black Cloud
Related Content