Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Paulo_Feitosa
Explorer

Log4j CVE-2021-45105 e CVE-2021-4104 Not Found basedNow IPS

Guys,

I'm trying to update and find the CVE-2021-45105 e CVE-2021-4104 in my IPS checkpoint.

Looks like it hasn't been released yet.

Note: And I say IPS signature trheat prevention.

 

 

0 Kudos
4 Replies
_Val_
Admin
Admin

CVE-2021-45105 is included into CPAI-2021-0955 on December 21: https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0955.html

CVE-2021-4104 is about vulnerability in the product that was EOL in 2015. Are you sure you did not mistype it?

0 Kudos
Paulo_Feitosa
Explorer

I meant the cves below:
CVE - CVE-2021-44832 (mitre.org)
CVE - CVE-2021-4104 (mitre.org)

Not found in my IPS basednow

 

0 Kudos
_Val_
Admin
Admin

You can make an official enquiry through a TAC ticket.

0 Kudos
_Val_
Admin
Admin

In addition, here is a reply from our experts, quoting:


CVE-2021-4104: This CVE contains a local attack vector, and therefore will not be detected in traffic as the known attack vector of Log4j - so it can't be covered by IPS.

Also, notice that it is only affecting Log4j 1.2 that reached the end of life more than 6 years ago.

CVE-2021-44832: We will consult with the IPS team if it is possible to cover it although it also uses a local attack vector.
We will update you as soon as we receive their response.

 

 

0 Kudos