This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
HeikoAnkenbrand
Champion
Champion
‎2021-12-15 03:07 AM

Second Log4j Vulnerability (CVE-2021-45046) Discovered

Jump to solution

Is there any more detailed information from Check Point on this vulnerability yet?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046

(1)
2 Solutions

Accepted Solutions
_Val_
Admin
Admin
‎2021-12-15 11:32 PM

Jump to solution

Thanks for your patience. Here is the official answer:

  1. We are not vulnerable to CVE-2021-45046.
  2. Threat Prevention signatures are now available: https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0936.html

View solution in original post

_Val_
Admin
Admin
‎2021-12-16 12:32 PM
In response to Ataaf

Jump to solution

@ClonyShen@Ataaf@Peggy_Lee There is protection available now: https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0936.html

 

View solution in original post

0 Kudos
8 Replies
_Val_
Admin
Admin
‎2021-12-15 03:11 AM

Jump to solution

I will ask the relevant team to comment, but from looking at the description, my guess is, we are not vulnerable. We do not use that library, as before.

ClonyShen
Participant
‎2021-12-15 08:27 AM
In response to _Val_

Jump to solution

Is there an IPS Signatures  (CVE-2021-45046) in the Check Point ?

Ataaf
Explorer
‎2021-12-15 09:40 AM
In response to _Val_

Jump to solution

Do we have checkpoint IPS signature for CVE-2021-45046. if not, when will it be released?

(1)
_Val_
Admin
Admin
‎2021-12-16 12:32 PM
In response to Ataaf

Jump to solution

@ClonyShen@Ataaf@Peggy_Lee There is protection available now: https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0936.html

 

0 Kudos
_Val_
Admin
Admin
‎2021-12-15 11:32 PM

Jump to solution

Thanks for your patience. Here is the official answer:

  1. We are not vulnerable to CVE-2021-45046.
  2. Threat Prevention signatures are now available: https://www.checkpoint.com/defense/advisories/public/2021/cpai-2021-0936.html
Peggy_Lee
Participant
‎2021-12-16 07:33 AM
In response to _Val_

Jump to solution

May I ask if there is an eta for the signature?  Thanks 

0 Kudos
Andreas_Hofmann
Participant
‎2021-12-20 08:08 AM
In response to _Val_

Jump to solution

Hi,

did Checkpoint test vulnerability for LOM Modules which use Java?

 

Thanks AH

0 Kudos
_Val_
Admin
Admin
‎2021-12-20 11:35 PM
In response to Andreas_Hofmann

Jump to solution

Yes, not vulnerable.

Labels