Apache Log4j JAR Detection (Windows)

info Nessus Plugin ID 156001

Synopsis

Apache Log4j is installed on the remote Windows host.

Description

One or more instances of Apache Log4j, a logging API, are installed on the remote Windows Host.

- Powershell version 5 or greater is required for this plugin.

- If the 'Perform thorough tests' setting is enabled, this plugin will inspect the manifest and properties files of the detected Java archive files.

- The plugin timeout can be set to a custom value other than the plugin's default of 60 minutes via the 'timeout.156001' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.

See Also

https://logging.apache.org/log4j/2.x/

Plugin Details

Severity: Info

ID: 156001

File Name: apache_log4j_win_installed.nbin

Version: 1.33

Type: local

Agent: windows

Family: Misc.

Published: 12/10/2021

Updated: 5/18/2022

Asset Inventory: true

Supported Sensors: Nessus Agent

Vulnerability Information

CPE: cpe:/a:apache:log4j

Required KB Items: SMB/Registry/Enumerated, SMB/WMI/Available

Reference Information

IAVA: 0001-A-0650

IAVT: 0001-T-0941