A demo of Red Hat Advanced Cluster Security

{
"policies": [
{
"id": "7f0ef11c-f9b1-4af1-9181-e24b1c27285c",
"name": "Log4Shell",
"description": "Alert on deployments with images containing the Log4Shell vulnerabilities (CVE-2021-44228 and CVE-2021-45046). There are flaws in the Java logging library Apache Log4j in versions from 2.0-beta9 to 2.15.0, excluding 2.12.2.",
"rationale": "These vulnerabilities allow a remote attacker to execute code on the server if the system logs an attacker-controlled string value with the attacker's JNDI LDAP server lookup.",
"remediation": "Update the log4j library to version 2.16.0 (for Java 8 or later), 2.12.2 (for Java 7) or later. If it is not possible to upgrade, remove the JndiLookup class from the classpath: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class and annotate the image with cve.log4shell.remediation=applied. This policy only checks that the label is present; it does not verify that the class was removed, so apply the label only after confirming the removal.",
"disabled": false,
"categories": [
"Vulnerability Management"
],
"fields": null,
"lifecycleStages": [
"BUILD",
"DEPLOY"
],
"eventSource": "NOT_APPLICABLE",
"whitelists": [],
"exclusions": [],
"scope": [],
"severity": "CRITICAL_SEVERITY",
"enforcementActions": [
"FAIL_BUILD_ENFORCEMENT"
],
"notifiers": [
"27197fcf-5d2c-4fb6-a9bd-9e755f739944"
],
"lastUpdated": "2022-02-21T14:19:19.206939932Z",
"SORTName": "",
"SORTLifecycleStage": "",
"SORTEnforcement": false,
"policyVersion": "1.1",
"policySections": [
{
"sectionName": "",
"policyGroups": [
{
"fieldName": "CVE",
"booleanOperator": "OR",
"negate": false,
"values": [
{
"value": "CVE-2021-44228"
},
{
"value": "CVE-2021-45046"
}
]
},
{
"fieldName": "Required Image Label",
"booleanOperator": "OR",
"negate": false,
"values": [
{
"value": "cve.log4shell.remediation=applied"
}
]
}
]
}
],
"mitreAttackVectors": [],
"criteriaLocked": false,
"mitreVectorsLocked": false,
"isDefault": false
}
]
}