Sanitizing Cloudflare Logs to protect customers from the Log4j vulnerability

What's this blog post about?

On December 9, 2021, a zero-day vulnerability, CVE-2021-44228, was discovered affecting the Apache Log4j utility. Cloudflare has updated its WAF to protect against this vulnerability and advises customers to update their systems promptly. The company is also mitigating any exploits attempted via Cloudflare Logs: the exploit pattern appears in logs sent to customers up to 1000 times every second. Customers can now update their Logpush jobs to automatically redact tokens that could trigger this vulnerability by setting CVE-2021-44228=true in their Logpush job options configuration. This redaction replaces the token ${ with x{ in logs. The option is not currently available in the Cloudflare Dashboard, but it can be set using the API.

Company
Cloudflare

Date published
Dec. 14, 2021

Author(s)
Jon Levine, Sohei Okamoto

Word count
417

Hacker News points
9

Language
English


By Matt Makai. 2021-2024.