Forum Discussion

jpadilla

Guide

4 years ago

Is community impacted by Log4J vulnerability?

Is Khoros community compaged by this log4j vulnerability: CVE-2021-44228

Notmark-VFZ

Mentor

4 years ago

tyw wrote:
I think the issue you're seeing is related to Web Application Firewall (WAF) changes that may have been made on your site. We hit this with the word 'localhost'. No matter what we did, that word caused a 403 error.

After checking in with Support they asked me to review the WAF email and sure enough that was the culprit.

The 403 forbidden error is definitely because of the WAF, and rightly so!

It's basically the 1st line of defense in preventing any kind of attack using the Log4Shell vulnerability. The WAF blocks "jndi" followed by ":" because that is a must in the string used to start the attack.

So even if you have a vulnerable server, the server will not receive any malicious strings because you're blocking it before it even gets sent to the server.

Forum Discussion

Is community impacted by Log4J vulnerability?

Related Content

Khoros Care Downtime & Impacts to Bot Customers

Re: Khoros Cookies Datasheet (Community, Care, Marketing, CX Insights, Khoros Bot)

About Aurora community languages

Real-time Community Firehose

Set community to offline mode

Recent Discussions

Join node/group 301 API error

liqlAdmin in khoros aurora graphql API

How do I get the article ID in Freemarker in a TkbArticle?

How to retrieve "Internal reason for ban" field

Tips on keeping stage and prod in alignment?