Detect and Mitigate the Log4j2 Remote Code Execution Flaw with JD Cloud Tools

Log4j2 has been disclosed to contain a critical remote code execution vulnerability that can be exploited with a single crafted request, affecting thousands of open‑source projects and the majority of enterprise systems.

Free Vulnerability Scanning

JD Cloud provides a free online scanner at https://threatscanner-console.jdcloud.com/jsecscanner/overview . Users can create a scan task, select the Log4j2 remote code execution option, choose assets, and run the scan to quickly identify vulnerable services.

Rapid Defense with Web Application Firewall

JD Cloud's Web Application Firewall (WAF) has released updated rules that block Log4j2 payloads in URLs, request bodies, and headers. Users can enable the normal or strict rule set in the WAF console to protect their domains.

Starshield (Cloudflare) Protection

Starshield’s security acceleration team has added three dedicated rules for Log4j2—covering Headers, Body, and URI—within the Specials rule set. Enabling these rules on the Starshield console instantly hardens sites against Log4j2 variants.

Vulnerability Fix Recommendations

1. Identify Java applications : Check whether applications include

log4j-api

and

log4j-core

JARs (e.g., Apache Solr, Flink, Druid, Dubbo, Spring‑Boot). Upgrade to the latest Log4j2 version (e.g., 2.16.0) from the official release page.

2. Immediate mitigation :

Set JVM parameter

-Dlog4j2.formatMsgNoLookups=true

.

Configure

log4j2.formatMsgNoLookups=true

in Log4j2 settings.

Set environment variable

FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS=true

. (Requires Log4j2 ≥ 2.10.)

3. Upgrade JDK : Move to JDK 6u11, 7u201, 8u191, or 11.0.1 and later to limit JNDI‑related exploits.

Following these steps helps organizations quickly assess impact, apply defensive rules, and remediate the Log4j2 vulnerability across their cloud workloads.