Looking behind the immediate pain of Java’s now infamous logging library Log4j:
- How do the vulnerabilities work and how can they be exploited? Also, how critical are they in reality?
- Why is it relatively complex to detect and evaluate them, for both custom and off-the-shelf software?
- What does it mean for a widely used product like Elasticsearch?
- How can you monitor exploitation attempts?
PS: Full blog post for Log4Shell and Elasticsearch.