Daily News

CISA in emergency directive orders federal agencies to patch Log4j vulnerability

By Sara Friedman / December 17, 2021

The Cybersecurity and Infrastructure Security Agency has issued an emergency directive ordering departments and agencies to assess and patch their “internet-facing network assets” for the Log4j vulnerability.

“A series of vulnerabilities in the popular Java-based logging library Log4j are under active exploitation by multiple threat actors,” CISA said in the emergency directive released today.

CISA said, “Exploitation of one of these vulnerabilities allows an unauthenticated attacker to remotely execute code on a server. Successful exploitation can occur even if the software...

form.antibot { display: none !important; } You must have JavaScript enabled to use this form.

CISA in emergency directive orders federal agencies to patch Log4j vulnerability

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.