What IPS coverage does Palo Alto Networks have for CVE-2021-44228 (Apache Log4j RCE)
7504
Created On 12/10/21 18:24 PM - Last Modified 04/01/24 07:39 AM
Symptom
- Searching for IPS coverage provided by PaloAlto Networks for CVE-2021-44228
- Searching Threat Vault for CVE ID: CVE-2021-44228
Environment
- Palo Alto Firewalls
- Any PAN-OS
Cause
Upon initial IPS signature release with Content 8498, a CVE ID was not yet assigned to this vulnerability and therefore, the IPS signature had shipped without the appropriate CVE ID metadata. This issue has been since corrected.
Resolution
Once a CVE ID was assigned to the vulnerability, we have diligently added it, and therefore when you search Palo Alto Networks Threat Vault for CVE ID CVE-2021-44228 you are now able to find a comprehensive list of IPS signatures addressing this vulnerability.
For additional coverage details, please refer to the Conclusion section of our Unit42 Executive Summary Blog Post: Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated Dec. 28)