On 9 December 2021, CVE-2021-44228 was disclosed in Apache Log4j, a popular open-source logging library. The vulnerability allows remote code execution and was assigned a CVSS severity of 10.0, the highest possible. Gluu servers were also affected.
log4jscanner is a simple tool that is run inside the Gluu container. It performs the following steps:
- Enumerates all the services running inside the Gluu container.
- For each service, scans its WAR file and records the version of every Log4j jar it bundles.
- Compares each version against the latest version of the jar officially released by Apache.
- Reports a detailed list of all vulnerable files and the total number of files scanned.
- Optionally patches the vulnerable files using the official automated script released by Gluu.
- Before applying the patch, backs up all affected files so the user can revert to the previous state.
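The following Python script is an added example of the scanning part of the steps above; it is not Gluu's log4jscanner or Gluu's patch script. It walks a directory for WAR files, opens each WAR as a zip archive, locates bundled log4j-core jars, reads the version from the jar filename or, failing that, from Implementation-Version in the jar's META-INF/MANIFEST.MF, compares it with a configurable fixed-version floor, and also checks whether the JndiLookup class is still present, which separates an outdated-but-mitigated jar from a vulnerable one. The directory layout, the 2.17.1 threshold, and the stub WARs that demo() builds in a temporary directory are assumptions and constructed test data; patching and backup are left out.

```python
"""Scan WAR files for bundled log4j-core jars and flag vulnerable ones.

Added example, not Gluu's log4jscanner. Assumptions: WARs live under the
directory passed to scan_directory(); log4j-core jars sit inside each WAR
(typically WEB-INF/lib/); the version comes from the jar filename or from
Implementation-Version in its META-INF/MANIFEST.MF.
"""
import io
import os
import re
import tempfile
import zipfile
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption: anything below this version is reported as outdated. 2.15.0 was
# the first release fixing CVE-2021-44228; 2.17.1 closed the follow-up CVEs.
FIXED_VERSION: Tuple[int, ...] = (2, 17, 1)

# The class Log4Shell abuses; deleting it from the jar was Apache's documented
# mitigation for deployments that could not upgrade immediately.
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"

LOG4J_CORE_RE = re.compile(r"(?:^|/)log4j-core(?:-(\d+\.\d+\.\d+))?\.jar$")
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


@dataclass
class Finding:
    war: str
    jar: str
    version: Optional[Tuple[int, ...]]  # None when it cannot be determined
    has_jndi_lookup: bool

    @property
    def outdated(self) -> bool:
        # Unknown version is treated as outdated (conservative choice).
        return self.version is None or self.version < FIXED_VERSION

    @property
    def vulnerable(self) -> bool:
        # Outdated with JndiLookup stripped counts as mitigated, not vulnerable.
        return self.outdated and self.has_jndi_lookup


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    m = VERSION_RE.search(text)
    return tuple(int(x) for x in m.groups()) if m else None


def inspect_jar(entry_name: str, data: bytes):
    """Return (version, has_jndi_lookup) for a log4j-core jar held in memory."""
    version = None
    m = LOG4J_CORE_RE.search(entry_name)
    if m and m.group(1):
        version = parse_version(m.group(1))
    with zipfile.ZipFile(io.BytesIO(data)) as jar:
        names = set(jar.namelist())
        if version is None and "META-INF/MANIFEST.MF" in names:
            manifest = jar.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
            for line in manifest.splitlines():
                if line.startswith("Implementation-Version:"):
                    version = parse_version(line.split(":", 1)[1])
                    break
    return version, JNDI_LOOKUP_CLASS in names


def scan_war(path: str) -> List[Finding]:
    findings = []
    with zipfile.ZipFile(path) as war:
        for entry in war.namelist():
            if LOG4J_CORE_RE.search(entry):
                version, has_jndi = inspect_jar(entry, war.read(entry))
                findings.append(Finding(path, entry, version, has_jndi))
    return findings


def scan_directory(root: str) -> Tuple[int, List[Finding]]:
    """Walk root, scan every .war, return (number of WARs scanned, findings)."""
    scanned, findings = 0, []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.endswith(".war"):
                scanned += 1
                findings.extend(scan_war(os.path.join(dirpath, name)))
    return scanned, findings


def build_sample_war(path, version, with_jndi=True, version_in_name=True):
    """Constructed test data: a WAR wrapping a stub log4j-core jar."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as z:
        z.writestr("META-INF/MANIFEST.MF",
                   f"Manifest-Version: 1.0\nImplementation-Version: {version}\n")
        if with_jndi:
            z.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")  # stub class bytes
    jar_name = f"log4j-core-{version}.jar" if version_in_name else "log4j-core.jar"
    with zipfile.ZipFile(path, "w") as z:
        z.writestr(f"WEB-INF/lib/{jar_name}", jar.getvalue())


def demo():
    """Build three constructed WARs in a temp dir, scan them, return a summary."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_war(os.path.join(root, "service-a.war"), "2.14.1")
        build_sample_war(os.path.join(root, "service-b.war"), "2.16.0",
                         with_jndi=False, version_in_name=False)
        build_sample_war(os.path.join(root, "service-c.war"), "2.17.1")
        scanned, findings = scan_directory(root)
        return scanned, {os.path.basename(f.war): (f.version, f.outdated, f.vulnerable)
                         for f in findings}


if __name__ == "__main__":
    scanned, report = demo()
    print(f"WAR files scanned: {scanned}")
    for war, (version, outdated, vulnerable) in sorted(report.items()):
        state = "VULNERABLE" if vulnerable else ("outdated, JndiLookup removed" if outdated else "ok")
        print(f"{war}: log4j-core {version} -> {state}")
```

On a real server, call scan_directory() on the directory holding the service WARs instead of demo(); the three constructed WARs show the three outcomes the report distinguishes: an old jar with JndiLookup present (vulnerable), an old jar whose version is only in the manifest and whose JndiLookup class was removed (mitigated), and a jar at the fixed version (ok).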
Read more about Log4Shell and how to mitigate it,