CVE-2021-44228 – Log4Shell – Vulnerability and its impact on Kubernetes
Dec 12, 2021
All versions of log4j2 up to and including 2.14.1 are vulnerable. To remediate this vulnerability, update to version 2.15.0 or later.
Impact on Kubernetes
Kubernetes clusters running Java workloads very likely use the Log4j logging framework and are therefore at high risk of exposure to this vulnerability.
Because this is a remote code execution (RCE) vulnerability, the impact is critical: an attacker may have direct network access to vulnerable microservices. Kubernetes Ingress resources are usually configured with wide reach into other in-cluster components, since they route external API traffic to the corresponding internal microservices.
Are your Kubernetes clusters exposed?
The new Kubescape image scanner detects whether this vulnerability exists in a Kubernetes cluster. Remediation steps and best practices are also documented alongside the test results.
Kubescape users can simply run the Kubescape latest version and get the results immediately.
The image scanner detects vulnerable versions of Log4j2 JAR files in your container images and marks them as “CVE-2021-44228” or “GHSA-jfh8-c2jp-5v3q”, depending on the version of the vulnerability database in use.
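To illustrate the detection the scanner performs, here is an added example (not Kubescape's own code) that reads the log4j-core version from a JAR's Maven pom.properties and flags any 2.x release below the fixed version the advisory names, 2.15.0. The JARs it scans are constructed in memory for the demonstration; the pom.properties path and the CVE label are assumptions about how such an artifact is laid out and reported.

```python
# Added example, not Kubescape's code: detect Log4Shell-affected log4j-core
# JARs by reading the version recorded in the JAR's Maven metadata.
import io
import re
import zipfile
from typing import Optional

FIXED_VERSION = (2, 15, 0)  # from the advisory: update to 2.15.0 or later
# Assumed location of the Maven metadata inside a log4j-core JAR.
POM_PATH = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"

def parse_version(text: str) -> tuple:
    """'2.14.1' -> (2, 14, 1); '2.0-beta9' -> (2, 0, 0). Pre-release suffixes
    are dropped, which is safe here because every 2.x pre-release predates the fix."""
    nums = [int(p) for p in re.findall(r"\d+", text.split("-")[0])]
    return tuple((nums + [0, 0, 0])[:3])

def is_vulnerable(version: str) -> bool:
    """True for any log4j2 (major version 2) release older than 2.15.0."""
    v = parse_version(version)
    return v[0] == 2 and v < FIXED_VERSION

def jar_version(jar_bytes: bytes) -> Optional[str]:
    """Return the log4j-core version recorded in the JAR, or None if absent."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        if POM_PATH not in zf.namelist():
            return None
        for line in zf.read(POM_PATH).decode().splitlines():
            if line.startswith("version="):
                return line.split("=", 1)[1].strip()
    return None

def scan_jar(jar_bytes: bytes) -> dict:
    """Report the JAR's version and whether it falls in the affected range."""
    version = jar_version(jar_bytes)
    vulnerable = version is not None and is_vulnerable(version)
    return {"version": version, "vulnerable": vulnerable,
            "id": "CVE-2021-44228" if vulnerable else None}

def make_fake_jar(version: str) -> bytes:
    """Constructed test artifact: a JAR containing only pom.properties."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(POM_PATH, "groupId=org.apache.logging.log4j\n"
                              f"artifactId=log4j-core\nversion={version}\n")
    return buf.getvalue()

if __name__ == "__main__":
    for v in ("2.14.1", "2.15.0", "2.0-beta9"):
        print(v, scan_jar(make_fake_jar(v)))
```

Real images bundle many JARs, so a scanner walks every layer and applies the same check to each log4j-core artifact it finds, including ones nested inside WAR or fat-JAR files.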
Kubescape users: please make sure you update to the latest Kubescape version from GitHub, or with the following command:
curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh | /bin/bash