{"id":9924,"date":"2021-12-18T23:00:57","date_gmt":"2021-12-18T14:00:57","guid":{"rendered":"https:\/\/www.secuavail.com\/kb\/?p=9924"},"modified":"2024-08-23T11:40:58","modified_gmt":"2024-08-23T02:40:58","slug":"utm-waf-and-cve-2021-44228","status":"publish","type":"post","link":"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/","title":{"rendered":"\u30102021\/12\/29\u66f4\u65b0\u3011Log4j\u306e\u8106\u5f31\u6027(CVE-2021-44228)\u306b\u5bfe\u3059\u308b\u5404UTM\/IPS\/WAF\/\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066"},"content":{"rendered":"<p>\u203b\u672c\u8a18\u4e8b\u306e\u5185\u5bb9\u306f\u30012021\u5e7412\u670813\u65e5\u73fe\u5728\u306e\u516c\u958b\u60c5\u5831\u3092\u3082\u3068\u306b\u8a18\u8f09\u3057\u3066\u304a\u308a\u307e\u3059\u3002\u304a\u4f7f\u3044\u306e\u88fd\u54c1\u3067IPS\u6a5f\u80fd\u7b49\u304c\u5229\u7528\u3067\u304d\u308b\u30e9\u30a4\u30bb\u30f3\u30b9\u3067\u3042\u308b\u304b\u3001\u30b7\u30b0\u30cd\u30c1\u30e3\u7b49\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u65b9\u6cd5\u3084\u5177\u4f53\u7684\u306a\u691c\u77e5\u30fb\u9632\u5fa1\u306e\u8a2d\u5b9a\u65b9\u6cd5\u306b\u3064\u3044\u3066\u306f\u8cfc\u5165\u5143\u306e\u4ee3\u7406\u5e97\u69d8\u3084\u904b\u7528\u30fb\u4fdd\u5b88\u30d9\u30f3\u30c0\u30fc\u69d8\u3078\u304a\u554f\u3044\u5408\u308f\u305b\u304f\u3060\u3055\u3044\u3002<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\">\u76ee\u6b21<\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#Log4j%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E3%81%AE%E6%A6%82%E8%A6%81\" >Log4j\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306e\u6982\u8981<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#%E5%90%84UTMIPSWAF%E3%83%95%E3%82%A1%E3%82%A4%E3%82%A2%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%E3%81%AE%E5%AF%BE%E5%BF%9C%E7%8A%B6%E6%B3%81%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6\" >\u5404UTM\/IPS\/WAF\/\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#Palo_Alto_Networks\" >Palo Alto Networks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#Fortinet\" >Fortinet<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#F5_Networks\" >F5 Networks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#SonicWall\" >SonicWall<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#WatchGuard_Technologies\" >WatchGuard Technologies<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#A10_Networks\" >A10 Networks<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#%E3%81%9D%E3%81%AE%E4%BB%96\" >\u305d\u306e\u4ed6<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#AWS_WAF\" >AWS WAF<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#Azure_WAF\" >Azure WAF<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.secuavail.com\/kb\/nw-device\/utm-waf-and-cve-2021-44228\/#%E6%9C%80%E5%BE%8C%E3%81%AB\" >\u6700\u5f8c\u306b<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Log4j%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E3%81%AE%E6%A6%82%E8%A6%81\"><\/span>Log4j\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306e\u6982\u8981<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Java\u306e\u8457\u540d\u306a\u30ed\u30ae\u30f3\u30b0\u7528\u30e9\u30a4\u30d6\u30e9\u30ea\u3067\u3042\u308b\u300cApache Log4j\u300d\u306b\u5916\u90e8\u304b\u3089\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c(RCE)\u3055\u308c\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u8106\u5f31\u6027(\u901a\u79f0:Log4shell)\u304c\u5831\u544a\u3055\u308c\u307e\u3057\u305f\u3002<br \/>\nJava\u3067\u4f5c\u6210\u3055\u308c\u305f\u591a\u304f\u306e\u30d7\u30ed\u30b0\u30e9\u30e0\u3067\u5229\u7528\u3055\u308c\u3066\u304a\u308a\u3001\u307e\u305f\u5229\u7528\u3057\u3066\u3044\u308b\u30d5\u30ec\u30fc\u30e0\u30ef\u30fc\u30af\u3084\u30e9\u30a4\u30d6\u30e9\u30ea\u7b49\u3067\u9593\u63a5\u7684\u306b\u5229\u7528\u3055\u308c\u3066\u3044\u308b\u53ef\u80fd\u6027\u3082\u3042\u308a\u3001\u5f71\u97ff\u304c\u5e83\u7bc4\u56f2\u306b\u53ca\u3076\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u3002<br \/>\n\u307e\u305f\u3001\u3059\u3067\u306b\u653b\u6483\u3082\u89b3\u6e2c\u3055\u308c\u3066\u3044\u308b\u3068\u3044\u3046\u60c5\u5831\u3082\u3042\u308a\u6ce8\u610f\u304c\u5fc5\u8981\u3067\u3059\u3002<\/p>\n<p>JPCERT\/CC\u304b\u3089\u306e\u6ce8\u610f\u559a\u8d77<br \/>\n<a href=\"https:\/\/www.jpcert.or.jp\/at\/2021\/at210050.html\" target=\"_blank\" rel=\"noopener\">Apache Log4j\u306e\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\uff08CVE-2021-44228\uff09\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77<\/a><\/p>\n<p><span style=\"color: #0000ff;\">(2021\/12\/15\u8ffd\u8a18)<\/span><br \/>\n<span style=\"color: #0000ff;\">CVE-2021-44228\u306e\u5bfe\u5fdc\u7248\u3068\u3057\u3066\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u305fLog4j 2.15.0\u306b\u306f\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u4ee5\u5916\u306e\u7279\u5b9a\u306e\u8a2d\u5b9a\u306b\u304a\u3044\u3066\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3(DoS)\u306e\u8106\u5f31\u6027(CVE-2021-45046)\u304c\u5b58\u5728\u3059\u308b\u3053\u3068\u304c\u5831\u544a\u3055\u308c\u3001\u5bfe\u7b56\u304c\u884c\u308f\u308c\u305f2.16.0\u304c\u516c\u958b\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002<\/span><br \/>\n<span style=\"color: #0000ff;\">2.16.0\u3067\u306f\u3001\u3055\u3089\u306bLookup\u6a5f\u80fd\u304c\u524a\u9664\u3055\u308c\u3001JNDI\u304c\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u7121\u52b9\u3068\u306a\u3063\u3066\u304a\u308a\u307e\u3059\u306e\u3067\u30012.16.0\u3078\u306e\u66f4\u65b0\u3092\u304a\u3059\u3059\u3081\u3057\u307e\u3059\u3002<\/span><\/p>\n<p><span style=\"color: #0000ff;\">(2021\/12\/18\u8ffd\u8a18)<br \/>\nCVE-2021-45046\u306f\u3001\u30ab\u30c6\u30b4\u30ea\u304c\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3(DoS)\u304b\u3089\u3001\u5916\u90e8\u304b\u3089\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c(RCE)\u306b\u5909\u66f4\u3055\u308cCVSS\u306e\u30b9\u30b3\u30a2\u304c9.0\u306b\u66f4\u65b0\u3055\u308c\u307e\u3057\u305f\u3002<\/span><br \/>\n<span style=\"color: #0000ff;\">Log4j 2.17.0\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3057\u305f\u30022.16.0\u3067\u306e\u4fee\u6b63\u306f\u4e0d\u5341\u5206\u3067\u3042\u308a\u3001\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3(DoS)\u306e\u8106\u5f31\u6027(CVE-2021-45105)\u304c\u5b58\u5728\u3057\u307e\u3059\u3002<\/span><\/p>\n<p><span style=\"color: #0000ff;\">(2021\/12\/29\u8ffd\u8a18)<br \/>\nLog4j 2.17.0\u306b<\/span><span style=\"color: #0000ff;\">\u65b0\u305f\u306b\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c(RCE)\u3055\u308c\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u8106\u5f31\u6027(CVE-2021-44832)\u304c\u5831\u544a\u3055\u308c\u307e\u3057\u305f\u3002<br \/>\n\u5bfe\u7b56\u7248\u3068\u3057\u3066Log4j 2.17.1\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3057\u305f\u3002<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E5%90%84UTMIPSWAF%E3%83%95%E3%82%A1%E3%82%A4%E3%82%A2%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%E3%81%AE%E5%AF%BE%E5%BF%9C%E7%8A%B6%E6%B3%81%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6\"><\/span>\u5404UTM\/IPS\/WAF\/\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u96e3\u8aad\u5316\u7b49\u3092\u884c\u3046\u3053\u3068\u3067\u691c\u77e5\u30fb\u9632\u5fa1\u3092\u56de\u907f\u3067\u304d\u308b\u3068\u306e\u60c5\u5831\u3082\u3042\u308a\u3001\u6839\u672c\u7684\u306a\u5bfe\u7b56\u3068\u3057\u3066\u306f\u3001\u672c\u8106\u5f31\u6027\u3092\u4fee\u6b63\u3057\u305f\u30d0\u30fc\u30b8\u30e7\u30f3\u3078\u306e\u66f4\u65b0\u3068\u306a\u308a\u307e\u3059\u304c\u3001\u8106\u5f31\u6027\u306e\u7de9\u548c\u7b56\u3001\u4e00\u6642\u7684\u306a\u5bfe\u7b56\u3068\u3057\u3066\u5404UTM\/IPS\/WAF\/\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u7b49\u3067\u306e\u9632\u5fa1\u3082\u6709\u52b9\u3067\u3042\u308b\u3068\u8003\u3048\u3066\u304a\u308a\u3001\u5f53\u30b0\u30eb\u30fc\u30d7\u8abf\u67fb\u306b\u57fa\u3065\u304f\u5404\u30e1\u30fc\u30ab\u306e\u5bfe\u5fdc\u72b6\u6cc1\u3092\u307e\u3068\u3081\u307e\u3057\u305f\u3002<br \/>\n\u203bSSL\/TLS\u901a\u4fe1\u5185\u306b\u304a\u3051\u308b\u691c\u77e5\u30fb\u9632\u5fa1\u306b\u306f\u5fa9\u53f7\u5316\u3082\u4f75\u305b\u3066\u884c\u3046\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Palo_Alto_Networks\"><\/span>Palo Alto Networks<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Palo Alto Networks\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>Palo Alto Networks\u88fd\u54c1\u3078\u306e\u5f71\u97ff\n<ul>\n<li><a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2021-44228\" target=\"_blank\" rel=\"noopener\">CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228<\/a>\n<ul>\n<li><del>\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30d7\u30ed\u30c0\u30af\u30c8\u306f\u73fe\u6642\u70b9\u3067\u7121\u3044\u3088\u3046\u3067\u3059\u3002<br \/>\n<\/del><span style=\"color: #0000ff;\">(2021\/12\/16\u8ffd\u8a18)<\/span><br \/>\n<span style=\"color: #0000ff;\">PAN-OS for Panorama 9.0.*, 9.1.*, 10.0.*\u306b\u304a\u3044\u3066\u3001\u5185\u90e8\u3067\u5229\u7528\u3055\u308c\u3066\u3044\u308bElasticsearch\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3068\u306e\u767a\u8868\u304c\u3042\u308a\u307e\u3057\u305f\u30028.1 \u304a\u3088\u3073 10.1\u3067\u306f\u5f71\u97ff\u306e\u3042\u308bElasticsearch\u306f\u5229\u7528\u3055\u308c\u3066\u3044\u306a\u3044\u3068\u306e\u3053\u3068\u3067\u3059\u3002<\/span><\/li>\n<\/ul>\n<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>Apache Log4j Remote Code Execution Vulnerability(\u30b7\u30b0\u30cd\u30c1\u30e3ID:91991,91994,91995,<span style=\"color: #0000ff;\">92001<\/span>)\n<ul>\n<li>Applications and Threats\u306e\u30b3\u30f3\u30c6\u30f3\u30c48498(2021\/12\/09\u30ea\u30ea\u30fc\u30b9)\u4ee5\u964d\u3067\u5bfe\u5fdc<\/li>\n<li>\u305d\u306e\u5f8c8499\u300184500\u3067\u8ffd\u52a0\u3001\u66f4\u65b0\u4e2d\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u8abf\u67fb\u8a18\u4e8b\u306a\u3069\n<ul>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.com\/apache-log4j-vulnerability-cve-2021-44228\/\" target=\"_blank\" rel=\"noopener\">Apache log4j Vulnerability CVE-2021-4428: Analysis and Mitigations (paloaltonetworks.com)<\/a>\n<ul>\n<li>\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30c1\u30fc\u30e0\u300cUnit 42\u300d\u306b\u3088\u308b\u30d6\u30ed\u30b0\u3002\n<ul>\n<li>(\u65e5\u672c\u8a9e\u8a33)<a href=\"https:\/\/unit42.paloaltonetworks.jp\/apache-log4j-vulnerability-cve-2021-44228\/\" target=\"_blank\" rel=\"noopener\">\u8105\u5a01\u306b\u95a2\u3059\u308b\u60c5\u5831: Apache Log4j\u306b\u65b0\u305f\u306a\u8106\u5f31\u6027(CVE-2021-44228) \u5b9f\u969b\u306e\u60aa\u7528\u3082\u78ba\u8a8d<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Fortinet\"><\/span>Fortinet<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Fortinet\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>Fortinet\u88fd\u54c1\u3078\u306e\u5f71\u97ff\n<ul>\n<li><a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-245\" target=\"_blank\" rel=\"noopener\">Apache log4j2 log messages substitution (CVE-2021-44228)<\/a>\n<ul>\n<li>FortiOS(FortiGate\u3068FortiWiFi)\u306b\u306f\u5f71\u97ff\u306f\u7121\u3044\u3088\u3046\u3067\u3059\u304c\u3001\u4e00\u90e8\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30d7\u30ed\u30c0\u30af\u30c8\u304c\u5b58\u5728\u3057\u73fe\u5728\u4fee\u6b63\u4e2d\u3068\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u8a73\u7d30\u306f\u4e0a\u8a18\u30ea\u30f3\u30af\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>Apache.Log4j.Error.Log.Remote.Code.Execution(\u30b7\u30b0\u30cd\u30c1\u30e3ID:51006)\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>IPS 19.215(2021\/12\/10\u30ea\u30ea\u30fc\u30b9)\u4ee5\u964d\u3067\u5bfe\u5fdc\n<ul>\n<li>IPS\u6a5f\u80fd\u306fFortiGate\u3001FortiADC\u3001FortiProxy\u7b49\u3067\u5bfe\u5fdc\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u8abf\u67fb\u8a18\u4e8b\u306a\u3069\n<ul>\n<li><a href=\"https:\/\/www.fortiguard.com\/outbreak-alert\/log4j2-vulnerability\" target=\"_blank\" rel=\"noopener\">Log4j2 Vulnerability<\/a>\n<ul>\n<li>Fortinet\u793e\u306eOutbreak Alerts\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"F5_Networks\"><\/span>F5 Networks<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>F5 Networks\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>F5 Networks\u88fd\u54c1\u3078\u306e\u5f71\u97ff\n<ul>\n<li><a href=\"https:\/\/support.f5.com\/csp\/article\/K19026212\" target=\"_blank\" rel=\"noopener\">K19026212: Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228<\/a>\n<ul>\n<li>\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30d7\u30ed\u30c0\u30af\u30c8\u306f\u73fe\u6642\u70b9\u3067\u7121\u3044\u3088\u3046\u3067\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>BIG-IP ASM\/Advanced WAF and NGINX App Protect\n<ul>\n<li>\u00a0JNDI Injection (200104768 &amp; 200104769)\n<ul>\n<li>2021\/12\/10\u4ee5\u964d\u306e\u30b7\u30b0\u30cd\u30c1\u30e3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u5bfe\u5fdc\u3002<br \/>\n\u65e2\u5b58\u3067\u4e00\u822c\u7684\u306aJNDI\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3\u3042\u308a\u3002<\/li>\n<li>iRule\u306b\u3088\u308b\u7de9\u548c\u7b56\u306b\u3064\u3044\u3066\u306f\u3001\u4e0a\u8a18K19026212\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"SonicWall\"><\/span>SonicWall<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>SonicWall\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>SonicWall\u88fd\u54c1\u3078\u306e\u5f71\u97ff\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><a href=\"https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2021-0032\" target=\"_blank\" rel=\"noopener\">APACHE LOG4J REMOTE CODE EXECUTION VULNERABILITY - \"LOG4SHELL\" CVE-2021-44228<\/a>\n<ul>\n<li>\u73fe\u6642\u70b9\u3067\u306f\u4e00\u90e8\u5f71\u97ff\u8abf\u67fb\u4e2d(Under Review)\u306e\u30d7\u30ed\u30c0\u30af\u30c8\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u8abf\u67fb\u4e2d\u4ee5\u5916\u306e\u3082\u306e\u3067\u306f\u5f71\u97ff\u306f\u7121\u3044\u3088\u3046\u3067\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>Apache Log4j2 JNDI Log Messages Remote Code Execution(\u30b7\u30b0\u30cd\u30c1\u30e3ID:2307)\n<ul>\n<li>2021\/12\/10\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u4ee5\u964d\u3067\u5bfe\u5fdc\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"WatchGuard_Technologies\"><\/span>WatchGuard Technologies<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>WatchGuard Technologies\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>WatchGuard Technologies\u88fd\u54c1\u3078\u306e\u5f71\u97ff<br \/>\n<a href=\"https:\/\/www.secplicity.org\/2021\/12\/10\/critical-rce-vulnerability-in-log4js\/\" target=\"_blank\" rel=\"noopener\">Critical RCE Vulnerability in Log4J2<\/a><br \/>\n\u8abf\u67fb\u3092\u7d99\u7d9a\u4e2d\u3068\u306e\u3053\u3068\u3067\u3059\u304c\u3001\u73fe\u6642\u70b9\u3067Firebox, WatchGuard System Manager and Dimension\u306b\u304a\u3044\u3066\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30d7\u30ed\u30c0\u30af\u30c8\u306f\u7121\u3044\u3088\u3046\u3067\u3059\u3002<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>WEB Apache log4j Remote Code Execution -1.u (CVE-2021-44228) (\u30b7\u30b0\u30cd\u30c1\u30e3ID:1230268)<br \/>\n<span style=\"font-size: 14px;\">WEB Apache log4j Remote Code Execution -1.h (CVE-2021-44228) (\u30b7\u30b0\u30cd\u30c1\u30e3ID:1230269)<\/span><span style=\"font-size: 14px;\"><br \/>\n<\/span><span style=\"font-size: 14px;\">WEB Apache log4j Remote Code Execution -2.u (CVE-2021-44228) (\u30b7\u30b0\u30cd\u30c1\u30e3ID:1230274)<br \/>\n<\/span><span style=\"font-size: 14px;\">WEB Apache log4j Remote Code Execution -2.h (CVE-2021-44228) (\u30b7\u30b0\u30cd\u30c1\u30e3ID:1230275)<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14px;\">\u30b7\u30b0\u30cd\u30c1\u30e3\u30d0\u30fc\u30b8\u30e7\u30f318.188\u4ee5\u964d\u30014.1232\u4ee5\u964d\u3067\u5bfe\u5fdc<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u8abf\u67fb\u8a18\u4e8b\u306a\u3069\n<ul>\n<li>\u300cWatchGuard Technologies\u88fd\u54c1\u3078\u306e\u5f71\u97ff\u300d\u306b\u8a18\u8f09\u3057\u305f\u30ea\u30f3\u30af\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"A10_Networks\"><\/span>A10 Networks<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>A10 Networks\u793e\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<ul>\n<li>A10 Networks\u793e\u88fd\u54c1\u3078\u306e\u5f71\u97ff\n<ul>\n<li><a href=\"https:\/\/support.a10networks.com\/support\/security_advisory\/log4j-cve-2021-44228-cve-2021-45046\/\" target=\"_blank\" rel=\"noopener\">LOG4J - CVE-2021-44228, CVE-2021-45046<\/a>\n<ul>\n<li>\u73fe\u6642\u70b9\u3067\u306f\u3001A10 Thunder\u306f\u3058\u3081\u5404\u88fd\u54c1\u5f71\u97ff\u306f\u306a\u3044\u3068\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>\u5bfe\u5fdc\u3059\u308b\u30b7\u30b0\u30cd\u30c1\u30e3(\u4eca\u5f8c\u9806\u6b21\u8ffd\u52a0\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002)\n<ul>\n<li>\u7d99\u7d9a\u8abf\u67fb\u3092\u884c\u3044aFleX\u306b\u3088\u308b\u7de9\u548c\u7b56\u306b\u3064\u3044\u3066\u4e0a\u8a18\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3067\u66f4\u65b0\u3059\u308b\u3068\u767a\u8868\u3057\u3066\u3044\u307e\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"%E3%81%9D%E3%81%AE%E4%BB%96\"><\/span>\u305d\u306e\u4ed6<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>AWS WAF\u3001Azure WAF\u306b\u3064\u304d\u307e\u3057\u3066\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<h3><span class=\"ez-toc-section\" id=\"AWS_WAF\"><\/span>AWS WAF<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>AWSManagedRulesKnownBadInputsRuleSet\u306b\u3066\u30b7\u30b0\u30cd\u30c1\u30e3\u8ffd\u52a0\u6e08\u307f\u3068\u767a\u8868\u3057\u3066\u3044\u307e\u3059\u3002<br \/>\n\u53c2\u8003\uff1a<a href=\"https:\/\/aws.amazon.com\/jp\/security\/security-bulletins\/AWS-2021-005\/\" target=\"_blank\" rel=\"noopener\">Apache Log4j2 Issue (CVE-2021-44228)<\/a><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Azure_WAF\"><\/span>Azure WAF<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Microsoft Security Response Center\u306e\u30d6\u30ed\u30b0(\u4e0b\u8a18\u53c2\u7167)\u306b\u3066\u3001WAF\u306e\u30de\u30cd\u30fc\u30b8\u30c9\u30eb\u30fc\u30eb\u306e\u5f37\u5316\u306b\u53d6\u308a\u7d44\u3093\u3067\u3044\u308b\u3068\u767a\u8868\u3057\u3066\u3044\u307e\u3059\u3002<br \/>\n\u53c2\u8003\uff1a<a href=\"https:\/\/msrc-blog.microsoft.com\/2021\/12\/11\/microsofts-response-to-cve-2021-44228-apache-log4j2\/\" target=\"_blank\" rel=\"noopener\">Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2<\/a><\/p>\n<p><span style=\"color: #0000ff;\">(2021\/12\/15\u8ffd\u8a18)<\/span><br \/>\n<span style=\"color: #0000ff;\">\u4ee5\u4e0b\u306e\u30ac\u30a4\u30c0\u30f3\u30b9\u3067\u3001Default Rule Set (DRS) versions 1.0 and 1.1\u306e\u30eb\u30fc\u30eb\uff1a944240\u306b\u3066\u5bfe\u5fdc\u3057\u305f\u306e\u767a\u8868\u304c\u3042\u308a\u307e\u3057\u305f\u3002\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f\u4ee5\u4e0b\u306e\u30ea\u30f3\u30af\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/span><\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/11\/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation\/\" target=\"_blank\" rel=\"noopener\">Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation<\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E6%9C%80%E5%BE%8C%E3%81%AB\"><\/span>\u6700\u5f8c\u306b<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u6839\u672c\u7684\u306a\u5bfe\u7b56\u3068\u3057\u3066\u306f\u3001\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3057\u305flog4j\u3078\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3068\u306a\u308a\u307e\u3059\u304c\u3001\u5404UTM\u3084WAF\u306b\u3088\u308b\u7de9\u548c\u306b\u3064\u3044\u3066\u3082\u4e00\u5b9a\u306e\u52b9\u679c\u304c\u5f97\u3089\u308c\u308b\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u306e\u3067\u3001\u3054\u53c2\u8003\u306b\u306a\u308c\u3070\u5e78\u3044\u3067\u3059\u3002<\/p>\n<p>\u307e\u305f\u3001\u5916\u90e8\u3078\u306e\u901a\u4fe1(\u30a2\u30a6\u30c8\u30d0\u30a6\u30f3\u30c9\u65b9\u5411)\u3092\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u7b49\u3067\u5236\u5fa1\u3057\u3066\u3044\u308c\u3070\u3001\u4e07\u304c\u4e00\u672c\u4ef6\u306e\u8106\u5f31\u6027\u3092\u7a81\u3044\u305f\u653b\u6483\u3092\u53d7\u3051\u305f\u5834\u5408\u306e\u5f71\u97ff\u3092\u7de9\u548c\u3067\u304d\u308b\u53ef\u80fd\u6027\u3082\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u203b\u672c\u4ef6\u306f\u3001\u5916\u90e8\u304b\u3089\u306e\u30b3\u30fc\u30c9\u306e\u5b9f\u884c\u306bldap\u304c\u7528\u3044\u3089\u308c\u308b\u3053\u3068\u304c\u78ba\u8a8d\u3055\u308c\u3066\u304a\u308a\u3001\u5916\u90e8\u3078\u306e\u4e0d\u8981\u306aldap\u901a\u4fe1\u3092\u906e\u65ad\u3059\u308b\u3053\u3068\u304c\u7de9\u548c\u7b56\u306e\u4e00\u3064\u306b\u306a\u308b\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u3002<br \/>\n\u3053\u308c\u3092\u6a5f\u306b\u3001\u30b5\u30fc\u30d0\u304b\u3089\u306e\u30a2\u30a6\u30c8\u30d0\u30a6\u30f3\u30c9\u901a\u4fe1\u306e\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306b\u3064\u3044\u3066\u898b\u76f4\u3057\u3066\u307f\u308b\u3053\u3068\u3082\u304a\u3059\u3059\u3081\u3057\u307e\u3059\u3002<\/p>\n<p>\u6700\u5f8c\u307e\u3067\u304a\u8aad\u307f\u3044\u305f\u3060\u304d\u3042\u308a\u304c\u3068\u3046\u3054\u3056\u3044\u307e\u3057\u305f\uff01<br \/>\n\u7686\u69d8\u306e\u304a\u5f79\u306b\u305f\u3066\u307e\u3059\u3068\u5e78\u3044\u3067\u3059\u3002<\/p>\n<p>\u3010\u66f4\u65b0\u5c65\u6b74\u3011<br \/>\n2021\/12\/13 \u65b0\u898f\u516c\u958b<br \/>\n2021\/12\/13 \u8aa4\u5b57\u4fee\u6b63<br \/>\n2021\/12\/14 WatchGuard Technologies\u793e\u306e\u5bfe\u5fdc\u30b7\u30b0\u30cd\u30c1\u30e3\u306b\u3064\u3044\u3066\u8a18\u8f09<br \/>\n2021\/12\/15 CVE-2021-45046\u306b\u3064\u3044\u3066\u306e\u60c5\u5831\u3092\u8ffd\u8a18\u304a\u3088\u3073Azure WAF\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066\u66f4\u65b0<br \/>\n2021\/12\/16 Palo Alto Networks\u793e\u306ePanorama\u3078\u306e\u5f71\u97ff\u304a\u3088\u3073\u5bfe\u5fdc\u30b7\u30b0\u30cd\u30c1\u30e3ID\uff1a92001\u3092\u8ffd\u52a0<br \/>\n2021\/12\/16 A10 Networks\u793e\u306b\u3064\u3044\u3066\u60c5\u5831\u3092\u8ffd\u8a18<br \/>\n2021\/12\/18 CVE-2021-45046\u306eCVSS\u30b9\u30b3\u30a2\u66f4\u65b0\u304a\u3088\u30732.17.0\u306e\u30ea\u30ea\u30fc\u30b9\u3068\u65b0\u305f\u306b\u5831\u544a\u3055\u308c\u305f\u8106\u5f31\u6027(CVE-2021-45105)\u3092\u8ffd\u52a0<br \/>\n2021\/12\/29 CVE-2021-44832\u306b\u3064\u3044\u3066\u8ffd\u52a0<\/p>\n","protected":false},"excerpt":{"rendered":"\u203b\u672c\u8a18\u4e8b\u306e\u5185\u5bb9\u306f\u30012021\u5e7412\u670813\u65e5\u73fe\u5728\u306e\u516c\u958b\u60c5\u5831\u3092\u3082\u3068\u306b\u8a18\u8f09\u3057\u3066\u304a\u308a\u307e\u3059\u3002\u304a\u4f7f\u3044\u306e\u88fd\u54c1\u3067IPS\u6a5f\u80fd\u7b49\u304c\u5229\u7528\u3067\u304d\u308b\u30e9\u30a4\u30bb\u30f3\u30b9\u3067\u3042\u308b\u304b\u3001\u30b7\u30b0\u30cd\u30c1\u30e3\u7b49\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u65b9\u6cd5\u3084\u5177\u4f53\u7684\u306a\u691c\u77e5\u30fb\u9632\u5fa1\u306e\u8a2d\u5b9a\u65b9\u6cd5\u306b\u3064\u3044\u3066\u306f\u8cfc\u5165\u5143\u306e\u4ee3\u7406 [&hellip;]","protected":false},"author":16,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[49,55,56,59,68,58],"tags":[],"class_list":["post-9924","post","type-post","status-publish","format-standard","hentry","category-nw-device","category-paloalto","category-fortigate","category-big-ip","category-sonicwall","category-aws-azure"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/posts\/9924","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/comments?post=9924"}],"version-history":[{"count":38,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/posts\/9924\/revisions"}],"predecessor-version":[{"id":16887,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/posts\/9924\/revisions\/16887"}],"wp:attachment":[{"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/media?parent=9924"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/categories?post=9924"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.secuavail.com\/kb\/wp-json\/wp\/v2\/tags?post=9924"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}