{"id":158293,"date":"2021-12-23T14:58:53","date_gmt":"2021-12-23T14:58:53","guid":{"rendered":"https:\/\/onedesk.com\/onedesk-and-the-log4j-sicherheitsluecke\/"},"modified":"2021-12-23T14:59:11","modified_gmt":"2021-12-23T14:59:11","slug":"onedesk-and-the-log4j-sicherheitsluecke","status":"publish","type":"post","link":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/","title":{"rendered":"OneDesk und die Log4j-Sicherheitsl\u00fccke"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Eine Zero-Day-Schwachstelle mit Auswirkungen auf Version 2.0&lt; = 2.14.1 des Apache Log4j 2-Pakets wurde am 9. Dezember der \u00d6ffentlichkeit bekannt gegeben. (Weitere Informationen finden Sie im <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228\">CVE<\/a> .)<\/p>\n\n<p class=\"wp-block-paragraph\">Apache hat eine neue <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/security.html\">Log4j-Version<\/a> ver\u00f6ffentlicht, um die Schwachstelle zu beheben. Versionen dieser Bibliothek vor 2.15.0 sind anf\u00e4llig f\u00fcr Angriffe mit Remotecodeausf\u00fchrung. Weitere Informationen zu der Sicherheitsanf\u00e4lligkeit finden Sie im CVE.<\/p>\n\n<p class=\"wp-block-paragraph\">Wir haben unsere Cloud-SaaS-Plattform untersucht und die Verwendung betroffener log4j-Bibliotheken sowohl in unserem eigenen Code als auch in abh\u00e4ngigen Diensten best\u00e4tigt. Wir k\u00f6nnen versichern, dass die Sicherheitsanf\u00e4lligkeit aufgrund unterschiedlicher, bereits in der Umgebung vorhandener Schutzma\u00dfnahmen nicht ausgenutzt werden konnte.<\/p>\n\n<p class=\"wp-block-paragraph\">In weniger als 6 Stunden, nachdem wir auf diese Schwachstelle aufmerksam geworden waren, haben wir die behobene Bibliothek in unseren eigenen Code integriert (die Ver\u00f6ffentlichung ist geplant) und wir haben die Gegenma\u00dfnahmen von <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228\">Mitre.org<\/a> live angewendet<\/p>\n\n<p class=\"wp-block-paragraph\">Wir haben auch die Erkennungsregeln f\u00fcr unsere WAF angepasst und beobachten st\u00e4ndig auf Missbrauchsmuster.<\/p>\n\n<p class=\"wp-block-paragraph\">Am Samstagmorgen hatten wir Fixes f\u00fcr unsere On-Premise-Version von OneDesk ver\u00f6ffentlicht und begannen, unsere On-Premise-Kunden mit ma\u00dfgeschneiderten Ma\u00dfnahmen zur Minderung in ihren eigenen Umgebungen zu kontaktieren.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Eine Zero-Day-Schwachstelle mit Auswirkungen auf Version 2.0&lt; = 2.14.1 des Apache Log4j 2-Pakets wurde am 9. Dezember der \u00d6ffentlichkeit bekannt gegeben. (Weitere Informationen finden Sie im CVE .) Apache hat eine neue Log4j-Version ver\u00f6ffentlicht, um die Schwachstelle zu beheben. Versionen dieser Bibliothek vor 2.15.0 sind anf\u00e4llig f\u00fcr Angriffe mit Remotecodeausf\u00fchrung. Weitere Informationen zu der Sicherheitsanf\u00e4lligkeit [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tpgb_global_settings":"","_crdt_document":"","inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9368],"tags":[],"class_list":["post-158293","post","type-post","status-publish","format-standard","hentry","category-unkategorisiert"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>OneDesk und die Log4j-Sicherheitsl\u00fccke | OneDesk-Software<\/title>\n<meta name=\"description\" content=\"OneDesk ist Helpdesk und Projektmanagement in einem. Erfahren Sie hier, wie OneDesk auf die Log4j-Sicherheitsl\u00fccke reagiert hat.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OneDesk und die Log4j-Sicherheitsl\u00fccke | OneDesk-Software\" \/>\n<meta property=\"og:description\" content=\"OneDesk ist Helpdesk und Projektmanagement in einem. Erfahren Sie hier, wie OneDesk auf die Log4j-Sicherheitsl\u00fccke reagiert hat.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/\" \/>\n<meta property=\"og:site_name\" content=\"OneDesk\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/OneDeskApp\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-23T14:58:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-12-23T14:59:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/onedesk.com\/wp-content\/uploads\/2020\/04\/OneDesk-Logo.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"server.admin@onedesk.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@OneDeskApp\" \/>\n<meta name=\"twitter:site\" content=\"@OneDeskApp\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"server.admin@onedesk.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"OneDesk und die Log4j-Sicherheitsl\u00fccke | OneDesk-Software","description":"OneDesk ist Helpdesk und Projektmanagement in einem. Erfahren Sie hier, wie OneDesk auf die Log4j-Sicherheitsl\u00fccke reagiert hat.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/","og_locale":"de_DE","og_type":"article","og_title":"OneDesk und die Log4j-Sicherheitsl\u00fccke | OneDesk-Software","og_description":"OneDesk ist Helpdesk und Projektmanagement in einem. Erfahren Sie hier, wie OneDesk auf die Log4j-Sicherheitsl\u00fccke reagiert hat.","og_url":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/","og_site_name":"OneDesk","article_publisher":"https:\/\/www.facebook.com\/OneDeskApp","article_published_time":"2021-12-23T14:58:53+00:00","article_modified_time":"2021-12-23T14:59:11+00:00","og_image":[{"width":1280,"height":800,"url":"https:\/\/onedesk.com\/wp-content\/uploads\/2020\/04\/OneDesk-Logo.png","type":"image\/png"}],"author":"server.admin@onedesk.com","twitter_card":"summary_large_image","twitter_creator":"@OneDeskApp","twitter_site":"@OneDeskApp","twitter_misc":{"Written by":"server.admin@onedesk.com","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/#article","isPartOf":{"@id":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/"},"author":{"name":"server.admin@onedesk.com","@id":"https:\/\/onedesk.com\/de\/#\/schema\/person\/5b1c9037f7136dadc6dc47cc4c40a58b"},"headline":"OneDesk und die Log4j-Sicherheitsl\u00fccke","datePublished":"2021-12-23T14:58:53+00:00","dateModified":"2021-12-23T14:59:11+00:00","mainEntityOfPage":{"@id":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/"},"wordCount":196,"commentCount":0,"publisher":{"@id":"https:\/\/onedesk.com\/de\/#organization"},"articleSection":["Unkategorisiert"],"inLanguage":"de-DE","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/","url":"https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/","name":"OneDesk und die Log4j-Sicherheitsl\u00fccke | OneDesk-Software","isPartOf":{"@id":"https:\/\/onedesk.com\/de\/#website"},"datePublished":"2021-12-23T14:58:53+00:00","dateModified":"2021-12-23T14:59:11+00:00","description":"OneDesk ist Helpdesk und Projektmanagement in einem. Erfahren Sie hier, wie OneDesk auf die Log4j-Sicherheitsl\u00fccke reagiert hat.","inLanguage":"de-DE","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onedesk.com\/de\/onedesk-and-the-log4j-sicherheitsluecke\/"]}]},{"@type":"WebSite","@id":"https:\/\/onedesk.com\/de\/#website","url":"https:\/\/onedesk.com\/de\/","name":"OneDesk","description":"Projektmanagement- und Helpdesk-Software","publisher":{"@id":"https:\/\/onedesk.com\/de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onedesk.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de-DE"},{"@type":"Organization","@id":"https:\/\/onedesk.com\/de\/#organization","name":"OneDesk","url":"https:\/\/onedesk.com\/de\/","logo":{"@type":"ImageObject","inLanguage":"de-DE","@id":"https:\/\/onedesk.com\/de\/#\/schema\/logo\/image\/","url":"https:\/\/onedesk.com\/wp-content\/uploads\/2016\/01\/white-logo-small.png","contentUrl":"https:\/\/onedesk.com\/wp-content\/uploads\/2016\/01\/white-logo-small.png","width":207,"height":40,"caption":"OneDesk"},"image":{"@id":"https:\/\/onedesk.com\/de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/OneDeskApp","https:\/\/x.com\/OneDeskApp","https:\/\/www.instagram.com\/onedeskapp\/","https:\/\/www.linkedin.com\/company\/onedesk-inc-1","https:\/\/www.pinterest.com\/onedesk\/","https:\/\/www.youtube.com\/user\/OneDeskApp"]},{"@type":"Person","@id":"https:\/\/onedesk.com\/de\/#\/schema\/person\/5b1c9037f7136dadc6dc47cc4c40a58b","name":"server.admin@onedesk.com","image":{"@type":"ImageObject","inLanguage":"de-DE","@id":"https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=96&d=mm&r=g","caption":"server.admin@onedesk.com"},"url":"https:\/\/onedesk.com\/de\/author\/server-adminonedesk-com\/"}]}},"jetpack_featured_media_url":"","tpgb_featured_images":null,"tpgb_post_meta_info":{"get_date":"December 23, 2021","get_modified_date":"December 23, 2021","category_list":{"category":[{"term_id":9368,"name":"Unkategorisiert","slug":"unkategorisiert","term_group":0,"term_taxonomy_id":9368,"taxonomy":"category","description":"","parent":0,"count":4,"filter":"raw","term_order":"0"}],"post_tag":false,"post_format":false},"author_name":"server.admin@onedesk.com","author_url":"https:\/\/onedesk.com\/de\/author\/server-adminonedesk-com\/","author_email":"server.admin@onedesk.com","author_website":"","author_description":"","author_facebook":"","author_twitter":"","author_instagram":"","author_role":["administrator"],"author_firstname":"","author_lastname":"","user_login":"server.admin@onedesk.com","author_avatar":"<img alt='' src='https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=200&#038;d=mm&#038;r=g' srcset='https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=400&#038;d=mm&#038;r=g 2x' class='avatar avatar-200 photo' height='200' width='200' decoding='async'\/>","author_avatar_url":"https:\/\/secure.gravatar.com\/avatar\/a37d6b270be81ecbf4ab9ca7260f2d1ee4d0295343706f0648e9d7a0d75243d3?s=96&d=mm&r=g","comment_count":0,"post_likes":0,"post_views":0},"tpgb_post_category":{"category":"<a href=\"https:\/\/onedesk.com\/de\/category\/unkategorisiert\/\" alt=\"Unkategorisiert\"  class=\"category-unkategorisiert\">Unkategorisiert<\/a> "},"jetpack_shortlink":"https:\/\/wp.me\/pfpPaI-Fb7","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/posts\/158293","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/comments?post=158293"}],"version-history":[{"count":2,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/posts\/158293\/revisions"}],"predecessor-version":[{"id":158298,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/posts\/158293\/revisions\/158298"}],"wp:attachment":[{"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/media?parent=158293"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/categories?post=158293"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onedesk.com\/de\/wp-json\/wp\/v2\/tags?post=158293"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}