Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

263EF054-554A-53DB-B4B4-43AF73AA38C4

HistoryNov 13, 2023 - 4:57 p.m.

Vulners
/
Githubexploit
/
Exploit for Deserialization of Untrusted Data in Apache Log4J

Exploit for Deserialization of Untrusted Data in Apache Log4J

2023-11-1316:57:22

302

apache log4j

cve-2021-44228

remote access

vulnerability

reconnaissance

nmap

proof of concept

input manipulation

jndi syntax

java package

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

Log4j Vulnerability - CVE-2021-44228 :green_book:

**Int…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

rapid7blog 5

redhat 2

qualysblog 3

githubexploit 83

suse 3

ibm 64

debian 1

kitploit 2

nessus 7

mssecure 1

hivepro 2

hackerone 2

msrc 1

ics 2

impervablog 1

freebsd 1

github 2

openvas 1

kaspersky 1

qt 1

metasploit 1

osv 1

wordfence 1

mmpc 2

zdt 1

cisa 2

exploitdb 1

ubuntu 1

threatpost 3

fedora 1

thn 1

rapid7blog

Using InsightVM to Find Apache Log4j CVE-2021-44228

2021-12-14 14:17:29

Test for Log4Shell With InsightAppSec Using New Functionality

2021-12-22 21:50:50

5 Security Projects That Are Giving Back

2022-01-04 18:44:58

redhat

(RHSA-2021:5138) Critical: Red Hat AMQ Streams 1.8.4 release and security update

2021-12-14 21:45:43

(RHSA-2021:5140) Low: Red Hat JBoss Enterprise Application Platform 7.4 security update

2021-12-15 02:55:01

qualysblog

Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR

2021-12-14 23:55:59

What’s Next After Log4Shell?

2023-02-22 03:36:56

How to Make Log4Shell Remediation Quick & Effective

2022-01-11 16:58:48

githubexploit

Exploit for Expression Language Injection in Apache Log4J

2021-12-15 02:31:14

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-14 08:21:11

Exploit for Expression Language Injection in Apache Log4J

2021-12-15 22:30:34

suse

Security update for log4j (important)

2021-12-15 00:00:00

Security update for logback (important)

2021-12-17 00:00:00

Security update for log4j (important)

2021-12-15 00:00:00

ibm

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects MaaS360 Enterprise Gateway

2021-12-17 13:57:26

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Scale (CVE-2021-44228)

2021-12-22 18:58:03

Security Bulletin: Security vulnerability has been identified in Apache Log4j library shipped with IBM License Metric Tool v9 (CVE-2021-44228).

2021-12-17 09:37:53

debian

[SECURITY] [DLA 2842-1] apache-log4j2 security update

2021-12-12 15:09:37

kitploit

Log4J-Detect - Script To Detect The "Log4j" Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading

2022-01-06 11:30:00

CVE-Vulnerability-Information-Downloader - Downloads Information From NIST (CVSS), First.Org (EPSS), And CISA (Exploited Vulnerabilities) And Combines Them Into One List

2023-02-25 11:30:00

nessus

Apache JSPWiki Log4Shell Direct Check (CVE-2021-44228)

2022-01-07 00:00:00

VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)

2022-01-21 00:00:00

MobileIron Core Log4Shell Direct Check (CVE-2021-44228)

2022-01-21 00:00:00

mssecure

Build a stronger cybersecurity team through diversity and training

2022-01-20 17:00:00

hivepro

Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon

2022-04-05 12:57:28

Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs

2023-12-13 06:46:17

hackerone

U.S. Dept Of Defense: LOGJ4 VUlnerability [HtUS]

2022-07-04 14:01:23

Acronis: [CVE-2021-44228] Arbitrary Code Execution on ng01-cloud.acronis.com

2022-01-25 07:33:15

msrc

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 08:00:00

ics

Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

2022-11-25 12:00:00

Sensormatic PowerManage (Update A)

2022-03-08 12:00:00

impervablog

How We’re Protecting Customers & Staying Ahead of CVE-2021-44228

2021-12-11 02:31:39

freebsd

openhab -- log4j remote code injection

2021-12-10 00:00:00

github

Critical vulnerability in log4j may affect generated PEAR projects

2021-12-16 21:01:51

Using GitHub’s security features to help identify Log4j exposure in your codebase

2021-12-14 19:46:00

openvas

openSUSE: Security Advisory for logback (openSUSE-SU-2021:4109-1)

2022-02-01 00:00:00

kaspersky

KLA12393 RCE vulnerability in Microsoft System Center

2021-12-16 00:00:00

The Qt Company Products Are Not Affected by CVE-2021-44228 (Log4j vulnerability)

2021-12-15 00:00:00

metasploit

UniFi Network Application Unauthenticated JNDI Injection RCE (via Log4Shell)

2022-01-19 22:51:31

osv

Apache Log4j Remote Code Execution

2021-12-14 21:07:14

wordfence

Analyzing Attack Data and Trends Targeting Log4J

2022-08-02 14:06:05

mmpc

MERCURY and DEV-1084: Destructive attack on hybrid environment

2023-04-07 16:00:00

Build a stronger cybersecurity team through diversity and training

2022-01-20 17:00:00

zdt

MobileIron Log4Shell Remote Command Execution Exploit

2022-08-04 00:00:00

cisa

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation

2021-12-10 00:00:00

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

2022-01-14 00:00:00

exploitdb

Apache Log4j2 2.14.1 - Information Disclosure

2021-12-14 00:00:00

ubuntu

Apache Log4j 2 vulnerability

2021-12-17 00:00:00

threatpost

Conti Ransomware Gang Has Full Log4Shell Attack Chain

2021-12-20 22:11:30

FTC to Go After Companies that Ignore Log4j

2022-01-05 19:00:03

The Log4j Vulnerability Puts Pressure on the Security World

2022-01-18 20:21:04

fedora

[SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34

2021-12-22 01:14:26

thn

NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon

2022-01-08 07:04:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

Related for 263EF054-554A-53DB-B4B4-43AF73AA38C4

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4j Vulnerability - CVE-2021-44228 :green_book:

**Int…

Related