https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137364#M24525 <P>You can make an official enquiry through a TAC ticket.</P> Wed, 29 Dec 2021 14:00:46 GMT _Val_ 2021-12-29T14:00:46Z https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137344#M24519 <P>Guys,</P><P><SPAN class=""><SPAN class=""><SPAN>I'm trying to update and find the CVE-2021-45105 e CVE-2021-4104 in my IPS checkpoint.</SPAN></SPAN> </SPAN></P><P><SPAN class=""><SPAN class=""><SPAN>Looks like it hasn't been released yet.</SPAN></SPAN> </SPAN></P><P><SPAN class=""><SPAN class=""><SPAN>Note: And I say IPS signature trheat prevention.</SPAN></SPAN></SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 29 Dec 2021 11:11:10 GMT https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137344#M24519 Paulo_Feitosa 2021-12-29T11:11:10Z https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137345#M24520 <P><SPAN>CVE-2021-45105 is included into CPAI-2021-0955 on December 21:&nbsp;</SPAN><A href="https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0955.html" target="_blank">https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0955.html</A></P> <P><SPAN>CVE-2021-4104 is about vulnerability in the product that was EOL in 2015. Are you sure you did not mistype it?</SPAN></P> Wed, 29 Dec 2021 11:21:47 GMT https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137345#M24520 _Val_ 2021-12-29T11:21:47Z https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137347#M24521 <P><SPAN class="">I meant the cves below:<BR /><A href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832" target="_blank" rel="noopener">CVE - CVE-2021-44832 (mitre.org)</A><BR /><A href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104" target="_blank" rel="noopener">CVE - CVE-2021-4104 (mitre.org)</A><BR /><BR /></SPAN>Not found in my IPS basednow</P> <P>&nbsp;</P> Wed, 29 Dec 2021 14:00:02 GMT https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137347#M24521 Paulo_Feitosa 2021-12-29T14:00:02Z https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137364#M24525 <P>You can make an official enquiry through a TAC ticket.</P> Wed, 29 Dec 2021 14:00:46 GMT https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137364#M24525 _Val_ 2021-12-29T14:00:46Z https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137385#M24527 <P>In addition, here is a reply from our experts, quoting:</P> <P><BR /><EM><STRONG>CVE-2021-4104</STRONG>: This CVE contains a local attack vector, and therefore will not be detected in traffic as the known attack vector of Log4j&nbsp;- so it can't be covered by IPS.</EM></P> <P><EM>Also, notice that it is only affecting Log4j 1.2 that reached the end of life more than 6 years ago.</EM></P> <P><EM><STRONG>CVE-2021-44832</STRONG>: We will consult with the IPS team if it is possible to cover it although it also uses a local attack vector.</EM><BR /><EM>We will update you as soon as we receive their response.</EM></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 29 Dec 2021 16:01:50 GMT https://community.checkpoint.com/t5/General-Topics/Log4j-CVE-2021-45105-e-CVE-2021-4104-Not-Found-basedNow-IPS/m-p/137385#M24527 _Val_ 2021-12-29T16:01:50Z