Log4j is a critical vulnerability in a widely-used software that can have far-reaching and costly impacts. Organizations of all sizes, from small online retailers to the most recognized brands to government agencies, are impacted. One of AppOmni’s core values is to build trust with transparency, which includes offering information and perspective about security issues. Read on for our take on Log4j and what organizations can do to protect their systems.
What is Log4j?
Log4j2 is an open-source, Java-based logging framework developed by collaborators of the Apache Software Foundation. It’s popular with commercial software developers and runs on all major platforms, including Windows, Linux, and macOS. A critical vulnerability (CVE-2021-44228) impacting the Log4j2 utility was reported between late November and early December 2021. The flaw means attackers can take control of any system using the software, and the vulnerability is being exploited by bad actors worldwide.
How Are SaaS Applications Impacted?
SaaS apps along with many technologies are impacted including firewalls, servers, video conferencing platforms, and more are impacted by the Log4j vulnerability. SaaS applications are also impacted. SaaS vendors have Log4j as part of their platform, and are working to mitigate impacts to their customers. Visit CISA for a list of applications with their Log4j vulnerability status along with information on vendor updates.
Are third-party apps affected?
Third-party integrations into SaaS applications are also vulnerable. Many of these third-party solutions can read, write, and delete sensitive data. They can also access user groups, workspaces, or multiple areas in the corporate network. Many issues can arise with third-party apps, including uncertainty around knowing which apps are approved, what permissions an app has, and who can install an app. It’s also often unknown what users are doing with the data accessed by apps.
What are the potential vulnerabilities to SaaS applications?
There are a few potential Log4j vulnerabilities for SaaS applications:
- Nefarious actors could use Log4j to change access and/or security settings within SaaS applications. For example, by turning off encryption or giving someone access to data that they shouldn’t have.
- Data, including usernames and passwords, could be exported, deleted, or otherwise compromised.
- Data can also be compromised through third-party apps such as Data Loader in Salesforce, or other apps installed through application-specific marketplaces.
- And other Log4j-related vulnerabilities continue to be discovered.
The SaaS Security Checklist
Discover the critical components of a comprehensive SaaS security solution.
Related Resources
-
Know Before You Go: AppOmni at RSA Conference 2024
Meet AppOmni at RSA 2024, connect with our SaaS security experts, and learn how AppOmni helps organizations prevent SaaS data breaches and achieve secure productivity.
-
AppOmni Guidance on the Digital Operational Resilience Act (DORA)
Learn how traditional and non-traditional financial services institutions can comply with DORA requirements with AppOmni.
-
Sisense Customer Data Compromise: What to Know
Read about the Sisense data breach, implications of SaaS-to-SaaS connections (or third-party integrations), and how AppOmni can help.