Sanitizing Cloudflare Logs to protect customers from the Log4j vulnerability
On December 9, 2021, a zero-day exploit called CVE-2021-44228 was discovered affecting Apache Log4j utility. Cloudflare has updated its WAF to protect against this vulnerability and advises customers to update their systems promptly. The company is also mitigating any exploits attempted via Cloudflare Logs, which are seeing the exploit pattern in logs sent to customers up to 1000 times every second. Customers can now update their Logpush jobs to automatically redact tokens that could trigger this vulnerability by setting CVE-2021-44228=true in their Logpush job options configuration. This redaction replaces the token ${ with x{ in logs, and is not currently available in the Cloudflare Dashboard but can be modified using the API.
Company
Cloudflare
Date published
Dec. 14, 2021
Author(s)
Jon Levine, Sohei Okamoto
Word count
417
Language
English
Hacker News points
9