Editor’s note : As of 12/21/2021 2:45pm PST, this post was updated to indicate that detections for CVE-2021-45105 are now present in production As of 12/20/2021 at 2:15pm PST, this post was updated to indicate that detections for CVE-2021-4104 are present in production …

Editor’s note : As of 1/4/2022 3:00pm PST, this post was updated to indicate that detections for CVE-2021-44832 are now present in production. Full change log can be found in the footnotes. NIST has announced recent vulnerabilities ( CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105 & CVE-2021-44832 ) in the Apache Log4j …

Editor's note : As of 12/16/2021 at 3:45pm PST, this post was updated to include information about detections for CVE-2021-45046. NIST has announced a recent vulnerability ( CVE-2021-44228 ) in the Apache Log4j library. To help with detection, Google Cloud IDS customers can now monitor and detect attempted exploits …

Editor’s note : As of 12/20/2021 at 2:15pm PST, this post was updated to indicate that detections for CVE-2021-4104 are present in production As of 12/19/2021 at 1:51pm PST, this post was updated to indicate that detections for CVE-2021-45046 are now present in …

NIST has announced a recent vulnerability ( CVE-2021-44228 ) in the Apache Log4j library. To help with detection, Google Cloud IDS customers can now monitor and detect attempted exploits of CVE-2021-44228. Background The Apache Log4j utility is a commonly used component for logging requests. On December 9, 2021, a vulnerability was …