Apache Log4j Installed (Linux / Unix)

info Nessus Plugin ID 156000

Synopsis

Apache Log4j, a logging API, is installed on the remote Linux / Unix host.

Description

One or more instances of Apache Log4j, a logging API, are installed on the remote Linux / Unix Host.

The plugin timeout can be set to a custom value other than the plugin's default of 45 minutes via the 'timeout.156000' scanner setting in Nessus 8.15.1 or later.

Note, this plugin runs certain commands differently if the scan is configured to use the 'Attempt Least Privilege' option. If enabled, scan times are expected to increase, especially on hosts with many files.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.

See Also

https://logging.apache.org/log4j/2.x/

Plugin Details

Severity: Info

ID: 156000

File Name: apache_log4j_nix_installed.nbin

Version: 1.268

Type: local

Agent: windows, macosx, unix

Family: Misc.

Published: 12/10/2021

Updated: 7/15/2025

Asset Inventory: true

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/a:apache:log4j

Required KB Items: Host/local_checks_enabled, Host/uname

Reference Information

IAVA: 0001-A-0650

IAVT: 0001-T-0941