Summary
Apache Log4j2 is an excellent Java logging framework. Recently, the Alibaba Cloud Security Team reported a remote code execution vulnerability in Apache Log4j2 to Apache. Because certain functions in Apache Log4j2 parse their input recursively, attackers can directly construct malicious requests that trigger the remote code execution vulnerability.
The Meari Server Team immediately assessed the servers and found that the service components that may be affected include Java services that use log4j2, as well as public components that use log4j2 by default, such as Logstash, Kafka, Grafana, etc. The team then upgraded these components and performed emergency repairs on them to avoid the security risks this serious vulnerability could cause.
After this serious vulnerability was disclosed, the Meari Team handled it urgently on the same day to avoid online security risks. At present, no attacks have been observed. Moreover, because the servers use containerized deployment, run services with minimum privileges, and apply port-blocking strategies, the probability and negative effects of an attack are greatly reduced. Coupled with the rapid emergency repairs, this vulnerability did not cause security issues on the servers.
Apache Log4j2 Remote Code Execution Vulnerabilities (CVE-2021-44228/CVE-2021-45046)
2022-06-30