A new 0-day vulnerability, formally known as CVE-2021-44228, was published on the NIST National Vulnerability Database on Friday and was followed by this NIST entry on December 14th. The vulnerability is found in the Log4j Java library.
Log4j is a popular open-source logging library made by the Apache Software Foundation. The security vulnerability found in Log4j allows hackers to execute remote commands on a target system. The severity of the vulnerability is classified as “Critical” by NIST.
The IgniteTech product team is reviewing our products for the use of Log4j. If we identify any products that use Log4j, we will list them on this page along with recommended mitigation steps.