{"id":2965,"date":"2021-12-13T14:09:23","date_gmt":"2021-12-13T19:09:23","guid":{"rendered":"https:\/\/cert.pa\/?p=2965"},"modified":"2021-12-13T14:12:32","modified_gmt":"2021-12-13T19:12:32","slug":"csirt-panama-aviso-2021-12-13-vulnerabilidad-critica-en-apache-log4j","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=2965","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2021-12-13 Vulnerabilidad cr\u00edtica en Apache Log4j"},"content":{"rendered":"\n<p><strong>CSIRT Panam\u00e1 Aviso 2021-12-13 Vulnerabilidad cr\u00edtica en Apache Log4j<\/strong><\/p>\n\n\n\n<p>Gravedad: Alta<br>Fecha de publicaci\u00f3n: diciembre13, 2021<br>\u00daltima revisi\u00f3n: diciembre 13, 2021<br>Sitio web: logging.apache.org<br>Sistemas Afectados: Todas las versiones de Apache log4j-core con versiones desde la 2.0-beta9 hasta la 2.14.1, ambas incluidas.<\/p>\n\n\n\n<p><strong>I. Descripci\u00f3n<\/strong><\/p>\n\n\n\n<p>Apache Software Foundation ha publicado un aviso de seguridad para abordar una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto(CVE-2021-44228) que afecta a las versiones 2.0-beta9 a 2.14.1 de Log4j. Un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para tomar el control de un sistema afectado. Log4j es una utilidad de registro de c\u00f3digo abierto basada en Java ampliamente utilizada por aplicaciones empresariales y servicios en la nube.<\/p>\n\n\n\n<p>I<strong>I. Referencia a soluciones, herramientas e informaci\u00f3n<\/strong><\/p>\n\n\n\n<p>Se recomienda aplicar los parches correspondientes y actualizar Log4j de Apache a la versi\u00f3n 2.15.0 o superior.<\/p>\n\n\n\n<p><br><strong>Fuentes:<\/strong><br>https:\/\/www.incibe.es\/protege-tu-empresa\/avisos-seguridad\/vulnerabilidad-critica-apache-log4j<br>https:\/\/logging.apache.org\/log4j\/2.x\/security.html<\/p>\n\n\n\n<p><strong>Informaci\u00f3n de contacto<\/strong><br>CSIRT PANAMA<br>Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br>E-Mail: info@cert.pa<br>Phone: +507 520-CERT (2378)<br>Web: https:\/\/cert.pa<br>Twitter: @CSIRTPanama<br>Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2021-12-13 Vulnerabilidad cr\u00edtica en Apache Log4j Gravedad: AltaFecha de publicaci\u00f3n: diciembre13, 2021\u00daltima revisi\u00f3n: diciembre 13, 2021Sitio web: logging.apache.orgSistemas Afectados: Todas las versiones de Apache log4j-core con versiones desde la 2.0-beta9 hasta la&#8230;<\/p>\n","protected":false},"author":4,"featured_media":1428,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2965","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2965"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2965\/revisions"}],"predecessor-version":[{"id":2966,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2965\/revisions\/2966"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/1428"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}