Log4j For Adobe Campaign | Community
Skip to main content
K
krvishaljha_24
Level 2
December 11, 2021
Solved

Log4j For Adobe Campaign

  • December 11, 2021
  • 2 replies
  • 3052 views

Hello,

 

A critical vulnerability was found in the popular Java logging framework log4j. 

The whole story can be found here: Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package | LunaSec

 

This new Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) was reported on Friday (10 Dec 2021)

We're on ACC v7 and I'd appreciate any inputs from this community to understand if this vulnerability affects services hosted in ACC v7.
If so what are the corrective measures to overcome this.

 

Thanks,
Vishal

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Milan_Vucetic

    Hi, for the all comunity memebers who work with on-premise solutions you can use the following code on your exposed servers (usualy tracking ones) to search the logs in order to see if attacks were tried:

    Where posible upgrade you log4j 2 on latest 2.15.0 version

    Nice way to see if you are exposed to this threat: Start netcat parallel to your app:

    then type the following in the app where gets logged (ex. the query string of your search):

    If you then see a lot of garbage emojies in the netcat console you are vulnerable!

    Sorry about pictures above. Article just won't to accept any code even if code tags used.

     

    Regards,

    Milan

    2 replies

    Milan_Vucetic
    Milan_VuceticAccepted solution
    Level 9
    December 12, 2021

    Hi, for the all comunity memebers who work with on-premise solutions you can use the following code on your exposed servers (usualy tracking ones) to search the logs in order to see if attacks were tried:

    Where posible upgrade you log4j 2 on latest 2.15.0 version

    Nice way to see if you are exposed to this threat: Start netcat parallel to your app:

    then type the following in the app where gets logged (ex. the query string of your search):

    If you then see a lot of garbage emojies in the netcat console you are vulnerable!

    Sorry about pictures above. Article just won't to accept any code even if code tags used.

     

    Regards,

    Milan

      adithyacs86
      adithyacs86
      Level 5
      December 22, 2021

      Hi Milan, 

      The code provided above are I believe for on prem in Linux OS, do we know how to check if the Adobe Campaign is installed in Windows servers. 

       

      Thanks,
      Adithya

      Marcel_Szimonisz
      Community Advisor
      Marcel_SzimoniszCommunity Advisor
      Community Advisor
      December 13, 2021

      We are on 7.0 21.1  build 9282 and it's using 

       

      log4j-1.2.11.jar

       

      it's under 

      $(XTK_INSTALL_DIR)/java/lib/log4j-1.2.11.jar

       

      this version does not contain the jndilookup library which is added from version 2

       

       

      So we are good, right?  at least for this vulnerability

       

       

        Milan_Vucetic
        Milan_Vucetic
        Level 9
        December 13, 2021

        Hi @marcel_szimonisz 

        Yes, you are good.

          Terms & ConditionsAccessibility statement

          Loading footer...