A zero-day exploit affecting the Apache Log4j version from 2.0-beta9 to 2.14.1 was made public on December 9, 2021, as to which JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other …
The post Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF first appeared on Citrix Blogs.