The Log4j vulnerability is a critical flaw in a widely used software library that can have far-reaching and costly impacts. Organizations of all sizes, from small online retailers to the most recognized brands to government agencies, are impacted. One of AppOmni’s core values is to build trust with transparency, which includes offering information and perspective about security issues. Read on for our take on Log4j and what organizations can do to protect their systems.
What is Log4j?
Log4j2 is an open-source, Java-based logging framework developed by collaborators of the Apache Software Foundation. It’s popular with commercial software developers and runs on all major platforms, including Windows, Linux, and macOS. A critical vulnerability (CVE-2021-44228) impacting the Log4j2 utility was reported between late November and early December 2021. The flaw means attackers can take control of any system using the software, and the vulnerability is being exploited by bad actors worldwide.
How Are SaaS Applications Impacted?
Many technologies are impacted by the Log4j vulnerability, including firewalls, servers, video conferencing platforms, and more. SaaS applications are also impacted: SaaS vendors have Log4j as part of their platform and are working to mitigate impacts to their customers. Visit CISA for a list of applications with their Log4j vulnerability status along with information on vendor updates.
Are third-party apps affected?
Third-party integrations into SaaS applications are also vulnerable. Many of these third-party solutions can read, write, and delete sensitive data. They can also access user groups, workspaces, or multiple areas in the corporate network. Many issues can arise with third-party apps, including uncertainty around knowing which apps are approved, what permissions an app has, and who can install an app. It’s also often unknown what users are doing with the data accessed by apps.
What are the potential vulnerabilities to SaaS applications?
There are a few potential Log4j vulnerabilities for SaaS applications:
- Nefarious actors could use Log4j to change access and/or security settings within SaaS applications, for example by turning off encryption or giving someone access to data that they shouldn’t have.
- Data, including usernames and passwords, could be exported, deleted, or otherwise compromised.
- Data can also be compromised through third-party apps such as Data Loader in Salesforce, or other apps installed through application-specific marketplaces.
- Other Log4j-related vulnerabilities continue to be discovered.