What IPS coverage does Palo Alto Networks have for CVE-2021-442... - Knowledge Base - Palo Alto Networks

What IPS coverage does Palo Alto Networks have for CVE-2021-44228 (Apache Log4j RCE)

9306

Created On 12/10/21 18:24 PM - Last Modified 04/01/24 07:39 AM

Threat Prevention

8.1

9.0

9.1

9.2

10.0

10.1

PAN-OS

Symptom

Searching for IPS coverage provided by PaloAlto Networks for CVE-2021-44228
Searching Threat Vault for CVE ID: CVE-2021-44228

Environment

Palo Alto Firewalls
Any PAN-OS

Cause

Upon initial IPS signature release with Content 8498, a CVE ID was not yet assigned to this vulnerability and therefore, the IPS signature had shipped without the appropriate CVE ID metadata. This issue has been since corrected.

Resolution

Once a CVE ID was assigned to the vulnerability, we have diligently added it, and therefore when you search Palo Alto Networks Threat Vault for CVE ID CVE-2021-44228 you are now able to find a comprehensive list of IPS signatures addressing this vulnerability.

For additional coverage details, please refer to the Conclusion section of our Unit42 Executive Summary Blog Post: Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated Dec. 28)

Other users also viewed:

How to download GlobalProtect from the Customer Support Portal

Download and Install the GlobalProtect App for Windows

Resource List: GlobalProtect Configuring and Troubleshooting

PAN-OS Software Updates

Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)