Hey guys I hope you are all well. There is this new nasty vulnerability in Java, which by nature of it being crossplatform, affects a lot of the stuff we use, particularly in the homelab. So reddit has this list that basically says if you are running or maybe even using Java applications that have access to the internet, you could be in severe trouble because it affects ALL Java versions after all.
Heads up guys if you are using:
Unifi
Elastic
Minecraft
TP-Link stuff
VM Ware
Docker
Backblaze
All these are affected so far and needs to be patched. I think docker has a issued scanning tool but people are saying it is broken as of writing this.
Makes me wonder about the security of abandoned Android and iOS apps out there. Please post if there are other known affected apps/servers programs.
Stay safe and patch up.
EDIT:
I have found a larger list, which includes enterprise stuff over on bleepingcomputers.
2 Likes
From what I have read, it only affects log4j version 2.
Most threat actors are looking for corporate vulnerabilities where the data they might get at is more valuable, but that doesn’t mean that end users are not vulnerable.
There is an easy fix to block the vulnerability.
I do not even have that package installed on my system.
Can’t speak for end users, but my work is going absolutely apeshit getting things patched this week.
3 Likes
here are 2 lists that people from the security community are referencing for lists of affected products:
https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/#affected-products-
https://github.com/NCSC-NL/log4shell/tree/main/software (src: https://twitter.com/HackingDave/status/1470805623415713806?t=HVZL_UXpaE7JatZU-WxPdQ&s=19)
The last one is actually taking statements from vendors as well, and saving screenshots from them: https://github.com/NCSC-NL/log4shell/tree/main/software/vendor-statements 
PS, sorry I can’t post links yet: https://forum.tuxdigital.com/t/discourse-post-issue-images-link/4594?u=elrey741
1 Like