This indicates an attack attempt to exploit a Denial of Service Vulnerability in Apache Log4j.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker could exploit these vulnerabilities by sending a crafted request to the target server. Successful exploitation could result in a denial-of-service condition.

description-logoOutbreak Alert

A 0-day exploit was discovered on a popular Java library Log4j2 that can result to a Remote Code Execution (RCE). This is a widely deployed library, and while systems protected by Fortinet Security Fabric are secured by the protections below, all systems need to upgrade ASAP as this is 10.0 severity. Due to the high visibility and attention, subsequent vulnerabilities have since emerged

View the full Outbreak Alert Report

affected-products-logoAffected Products

Apache Log4j 2.0-beta9 prior to 2.17.0

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.

Telemetry logoTelemetry


IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-01-19 19.244 Sig Added
2021-12-23 19.225 Sig Added
2021-12-23 19.225 Default_action:pass:drop
2021-12-21 19.223