Thanks Sarah,
already done, waiting for feedback from support!
I added
${jindi
behind an URL and got no hit on the policy?!?
Kind regards
Martin
------------------------------
Martin Schmitz
Owner
Martin Schmitz IT Security Consulting
Korschenbroich
------------------------------
Original Message:
Sent: 12-11-2021 16:18
From: Sarah Lamont(csp)
Subject: Problem : Virtual patch for the "Apache Log4j2 CVE-2021-44228" vulnerability
Hi Martin,
If you are concerned, it may be best to raise a ticket with support while you wait for feedback here. They will be able to consider the specifics of your environment.
Many thanks,
Sarah
------------------------------
Sarah Lamont(csp)
Digital Community Manager
Original Message:
Sent: 12-11-2021 15:28
From: Martin Schmitz
Subject: Problem : Virtual patch for the "Apache Log4j2 CVE-2021-44228" vulnerability
Hi,
Is this working for anyone? I implemented the policy on 2 MXs but I see no alerts?
Thx
Martin
------------------------------
Martin Schmitz
Owner
Martin Schmitz IT Security Consulting
Korschenbroich
Original Message:
Sent: 12-11-2021 14:08
From: Sarah Lamont(csp)
Subject: Problem : Virtual patch for the "Apache Log4j2 CVE-2021-44228" vulnerability
Hi there,
Please follow the steps in this blog. Note that I have included the steps as an image to allow for all actions to be included.
Manual Mitigation for Zero Day Remote code injection in Log4j (imperva.com)
I hope this helps.
Thanks,
Sarah
------------------------------
Sarah Lamont(csp)
Digital Community Manager
Original Message:
Sent: 12-10-2021 23:30
From: Yingfan Qiu
Subject: Problem : Virtual patch for the "Apache Log4j2 CVE-2021-44228" vulnerability
Hi,
Is there a temporary virtual patch for "Apache Log4j2 CVE-2021-44228"?
Regular signatures are easily bypassed, is there a better one?
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Yingfan Qiu
sale engineer
Shenzhen,China
------------------------------