IPS signature patch release for Log4Shell vulnerability
Recently, security researchers have discovered a very important vulnerability with a severity of 10.0 in the Log4j library. This framework is responsible for log management in many Java-based programs. The Apache Foundation has also requested users to upgrade the above library version to 2.15.0 as soon as possible.
The CVE-2021-44228 vulnerability is known as Log4Shell and is of Remote Code Execution (RCE) type. Through this vulnerability, attackers can execute their desired codes on the victim or even take control of the system.
Currently, large companies and service providers such as Amazon, Apple iCloud, Cisco, Cloudflare, Twitter and Red Hat use the Log4j framework. Researchers believe that due to the high popularity of this program, the number of attacks will increase significantly in the coming days.
You can see more details about this attack from here.
In this regard, Gostar Sharif security company has also released the Intrusion Detection System (IPS) signature patch for its products. The rules in this patch can analyze the network traffic and inform the network administrators if the above cases are encountered. To know the latest update status, you can run the following command and make sure that the patch is installed correctly.