Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Exploit for Deserialization of Untrusted Data in Apache Log4J

🗓️ 14 Dec 2021 22:05:50Type 
githubexploit
 githubexploit👁 272 Views

Exploit for Improper Input Validation in Apache Log4J. Repository with altered scripts related to CVE-2021-44228 ported to EDR environments. Scripts modified for compatibility with additional technologies' requirements. Palo Alto's Cortex XDR scripts rendered compatible by implementing incompatible Python modules and exposing an `xdr` entry point. Documentation of the `xdr` function's expected input and outputs can be found in each script. Two scripts to scan the filesystem for Log4j2 files vulnerable to Log4Shell (CVE-2021-44228) and check for exploitation attempts in local log files

Show more
Related
ReporterTitlePublishedViews
Family
Tenable Nessus		FreeBSD : graylog -- include log4j patches (3fadd7e4-f8fb-45a0-a218-8fd6423c338f)
13 Dec 202100:00
nessus
Tenable Nessus		Ubuntu 16.04 ESM : Apache Log4j 2 vulnerability (USN-5192-2)
17 Dec 202100:00
nessus
Tenable Nessus		VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
13 Dec 202100:00
nessus
Tenable Nessus		FreeBSD : OpenSearch -- Log4Shell (4b1ac5a3-5bd4-11ec-8602-589cfc007716)
13 Dec 202100:00
nessus
Tenable Nessus		Cisco SD-WAN vManage Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)
16 May 202200:00
nessus
Tenable Nessus		VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
7 Jan 202200:00
nessus
Tenable Nessus		openSUSE 15 Security Update : log4j (openSUSE-SU-2021:1586-1)
17 Dec 202100:00
nessus
Tenable Nessus		openSUSE 15 Security Update : log4j (openSUSE-SU-2021:3999-1)
17 Dec 202100:00
nessus
Tenable Nessus		openSUSE 15 Security Update : logback (openSUSE-SU-2021:4109-1)
18 Dec 202100:00
nessus
Tenable Nessus		openSUSE 15 Security Update : logback (openSUSE-SU-2021:1613-1)
25 Dec 202100:00
nessus
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Dec 2021 22:50Current
10High risk
Vulners AI Score10
CVSS29.3
CVSS310
EPSS0.97112
cve-2021-44228log4j2log4shelledrcortex xdrpython moduleslog filesexploitation attempts
272
.json
Report