CRS and Log4j / Log4Shell / CVE-2021-44228
This is an evolving blog post with infos about the role of CRS in defending against the log4j vulnerabilities that threatens quite all logging JAVA applications. We believe the mitigations and rules suggested below will have you covered up to and including CVE-2021-45105.In January 2022, we have consolidated our knowledge into a pull request with …