{"id":3950,"date":"2021-12-15T11:14:55","date_gmt":"2021-12-15T16:14:55","guid":{"rendered":"https:\/\/underhost.com\/blog\/?p=3950"},"modified":"2021-12-15T11:15:11","modified_gmt":"2021-12-15T16:15:11","slug":"security-notice-log4j-java-vulnerability","status":"publish","type":"post","link":"https:\/\/underhost.com\/blog\/security-notice-log4j-java-vulnerability\/","title":{"rendered":"Security notice: log4j Java Vulnerability"},"content":{"rendered":"\n

A vulnerability, called Log4Shell, was found in Log4j 2. Log4j is an open-source Apache logging library. This library is used by many popular applications, services, and Java components. The vulnerability is indexed as CVE-2021-44228<\/a> and assessed as a critical vulnerability. The flaw enables an attacker to execute arbitrary code on the affected system. Even though the vulnerability is severe, our products and services are not impacted.<\/p>\n\n\n\n\n
\n
Should I be worried?<\/div>\n<\/td>\n<\/tr>\n
\n
Our security team has just wrapped up a thorough analysis of our own systems. We have not identified any services, products, or applications that are at risk.<\/b> However, we will continue to monitor the vulnerability as details are unfolding. cPanel also had this issue fixed if you had Solr plugin installed (auto-update would have fixed that issue a couple of days ago and DirectAdmin does not use log4j so if you have any managed server with us or have auto-update on cPanel (by default) issue does not apply to you.<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u00a0<\/p>\n\n\n\n\n\n\n
\n
What can I do?<\/div>\n<\/td>\n<\/tr>\n
\n
Even though UnderHost applications are not affected, there is a possibility that your services are impacted. This is due to the unmanaged nature of our servers, and the fact that you have full control over your server.<\/div>\n
\u00a0<\/div>\n<\/td>\n<\/tr>\n
\n
We have detailed steps to identify the vulnerability with links to tools you can use to protect yourself.<\/div>\n
\u00a0<\/div>\n<\/td>\n<\/tr>\n
\n\n\n\n\n\n\n\n\n\n
▶<\/td>\nThe NCSC has released a list of affected software<\/a> and what steps you can take. This list will almost certainly be expanded, so check it regularly for updates for your system.<\/td>\n<\/tr>\n
▶<\/td>\nScan for the vulnerability by using one of the tools provided by the NCSC<\/a> or the NIST<\/a>.<\/td>\n<\/tr>\n
▶<\/td>\nContact the administrator or owner of your server if you do not maintain it yourself.<\/td>\n<\/tr>\n
▶<\/td>\nRead the security advice from the NCSC carefully and make sure you\u2019re up to date via the following link<\/a>.<\/td>\n<\/tr>\n
▶<\/td>\nMake a backup of all critical data if you are affected.<\/td>\n<\/tr>\n
▶<\/td>\nMake a list of used services and applications and check the latest communications from these suppliers.<\/td>\n<\/tr>\n
▶<\/td>\nPerform updates to the software on your server and keep a close eye on the latest updates.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n\n

Should you have any pressing questions regarding this subject, please let us know?<\/strong><\/p>\n\n\n\n


Simply open a request at our cP support desk via CustomersPanel.com<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Should you have any pressing questions regarding this subject, please let us know? Simply open a request at our cP support desk via CustomersPanel.com<\/p>\n","protected":false},"author":1,"featured_media":3954,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/posts\/3950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/comments?post=3950"}],"version-history":[{"count":5,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/posts\/3950\/revisions"}],"predecessor-version":[{"id":3956,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/posts\/3950\/revisions\/3956"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/media\/3954"}],"wp:attachment":[{"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/media?parent=3950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/categories?post=3950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/underhost.com\/blog\/wp-json\/wp\/v2\/tags?post=3950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}