eApps Hosting has become aware of a vulnerability affecting Java Servers using log4j (CVE-2021-44228). We have taken action at our core Firewall Level to block any requests that match this vulnerability; however, we strongly recommend that you update log4j within your application or set up a wrapper variable.
Note that this vulnerability only impact Java Servers (Tomcat, Jboss, Wildfly or Glassfish) deployments that are using log4j library for logging purposes. Our standard installation does not bring log4j but you may need to check with your developers regarding the application.
More information can be found here:
How to check if I’m using Log4J?
How to mitigate?
For updating log4j you will need to work with your developers so they can update the library within your application.
Depending on the version you are on, you can apply a work around while you manage to get the library updated:
If you have any questions or need assistance, please contact us at email@example.com.