Launching “AiTest” soon. A Cross-Browser performance testing SaaS platform. Automated but real load testing of your application. Stay tuned!

One tool for test automation for every service, application, and platform. aiTest Launching Soon - Secure Your FREE Spot (Limited to the First 100 Signups)!

One tool for test automation for every service, application, and platform. aiTest Launching Soon - Secure Your FREE Spot (Limited to the First 100 Signups)! | Join us on Tuesday, 25th August 2023, for an insightful webinar on 'Enhance the efficiency of Cloud monitoring using LogicMonitor' and optimize your cloud operations like never before!

The Worst Security Vulnerability In Last 10 Years


Many of you are working hard on fixing the new and serious Log4j 2 vulnerability CVE-2021-44228, which has a 10.0 CVSS score.

We have helped all our customers. If you are facing an issue, and need help reach out to us@

Here is a Success Story

Here we are summarizing fixes required to minimize the attack of this vulnerability on the infrastructure.

Note: This is only applicable if you are using a Java-based environment with the log4j logging library enabled.

1. Mitigation using AWS WAF:

To block all the bad requests at the AWS WAF level only, make sure you have the AWS Managed Rules Known Bad Inputs Rule Set and AWS Managed Rules Anony mouse Ip List rules in AWS Managed Rules for WAF enabled. This is applicable only for WAFv2.
Reference Terraform Code:

2. Upgrade log4j:

As of writing this documentation, log4j 2.16.0 is available. In addition to fixes to the CVE, Log4j 2.16.0 disables JNDI functionality by default and removes Message Lookups as well. Make sure you are upgrading log4j to 2.16.0.

If you are not able to upgrade to the latest version, you can also delete the JNDI lookup class by using the following command:

$ zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class


3. Amazon OpenSearch:

Amazon OpenSearch Service has released a critical service software update, R20211203-P2, that contains an updated version of Log4j2 in all regions. You should receive an email for the update on your root AWS account email address and a notification into AWS Console as well.


4. ELK Stack:

a. Upgrade to the elasticsearch version 7.16.1 which disables JNDI lookups and patched log4j jar to remove the JndiLookup class from the classpath.

b. Upgrade logstash version 7.16.1 which updates dependencies for log4j to 2.15.0

5. Scanning Local Docker Images for log4j vulnerability:

First, update your docker scan library to 0.11.0+ or update Docker Desktop to 4.3.1+.
Now you can use the docker scan command to scan your local images for log4j vulnerability.

$ docker scan elastic/logstash:7.13.3

More To Explore

News & Events

Logic Monitor Webinar

Don’t miss the chance to join our AAIC & LogicMonitor webinar and win amazing prizes in our lucky draw just by registering! The top three