topic Log4J day-zero exploit CVE-2021-44228 in APIs & Integrations

Log4J day-zero exploit CVE-2021-44228

PRDuque — Tue, 14 Dec 2021 11:08:10 GMT

Since Hubspot uses Log4J (https://product.hubspot.com/blog/bid/6011/log4j-dynamic-appender-configuration), does anyone knows what mitigation measures have been taken to deal with day-zero exploit CVE-2021-44228 ?

HubSpot uses Cloudflare (https://www.cloudflare.com/case-studies/hubspot/), and Cloudflare has already initiated mitigation measures (https://info.cloudflare.com/index.php/email/emailWebview?mkt_tok=NzEzLVhTQy05MTgAAAGBRbAScyE5IiQgYSp2tQ7p4d5EDZ0UyLMhBv5vE_6I_EvTz_OiGDqUph7Uzi8m_XQmGeqJTeiWE5czV4HlM4-yuhRXki1vnuUQCBryUi9NEdcyUVyo&md_id=59712).

But has HubSpot initiated some mitigation measures by themselfs ?

Re: Log4J day-zero exploit CVE-2021-44228

dennisedson — Tue, 14 Dec 2021 19:25:53 GMT

@PRDuque

HubSpot is aware of CVE-2021-44228 and we have performed a thorough check of our systems and have seen no indications of any impact from this vulnerability at this time. Out of an abundance of caution, our team is continuing to monitor this event. Customers don't need to take any action at this time.

Re: Log4J day-zero exploit CVE-2021-44228

PRDuque — Tue, 14 Dec 2021 19:39:47 GMT

Have you updated all projects to log4j latest version, and deployed it to production?

Re: Log4J day-zero exploit CVE-2021-44228

jonathanhaber — Tue, 14 Dec 2021 23:43:03 GMT

We've published a landing page that will hopefully be helpful:

https://www.hubspot.com/log4j2

Re: Log4J day-zero exploit CVE-2021-44228

DSidler — Wed, 15 Dec 2021 08:45:03 GMT

Thanks @jonathanhaber , this is very useful.

Not sure if already discussed, but it would be tremendously helpful if such information could be pushed out to us admins proactively. It took me some googling to even find this thread.