Lucene search
58EF8145-CD0F-540D-BD38-E3B6679A607CHistoryMay 28, 2024 - 1:40 p.m.
Exploit for Deserialization of Untrusted Data in Apache Log4J
2024-05-2813:40:20
60
apache log4j
improper input validation
cve-2021-44228
proof-of-concept
vulnerable application
docker
java version
account requirement
disclaimer
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.976 High
EPSS
Percentile
100.0%
log4j-shell-poc
A Proof-Of-Concept for the recently found CVE-…
This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.
Related
nessus
nessus
Cisco SD-WAN vManage Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)
2022-05-16 00:00:00
VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
2022-01-07 00:00:00
VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
2021-12-13 00:00:00
packetstorm
packetstorm
MobileIron Log4Shell Remote Command Execution
2022-08-03 00:00:00
Intel Data Center Manager 5.1 Local Privilege Escalation
2022-12-09 00:00:00
Log4Shell HTTP Header Injection
2022-01-12 00:00:00
ibm
ibm
Security Bulletin: Content Manager OnDemand for Multiplatforms is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)
2022-07-13 12:39:40
cisa_kev
cisa_kev
Apache Log4j2 Remote Code Execution Vulnerability
2021-12-10 00:00:00
githubexploit
githubexploit
Exploit for Improper Input Validation in Apache Log4J
2021-12-21 08:13:35
Exploit for Expression Language Injection in Apache Log4J
2021-12-14 14:51:26
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-24 19:26:36
osv
osv
Critical vulnerability in log4j may affect generated PEAR projects
2021-12-16 21:01:51
hivepro
hivepro
Iranian hackers leveraged Log4Shell to penetrate US federal agency
2022-11-17 12:28:57
msrc
msrc
CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応
2021-12-12 08:00:00
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
2021-12-12 05:28:18
trellix
trellix
Log4J and The Memory That Knew Too Much
2022-01-19 00:00:00
mssecure
mssecure
MERCURY and DEV-1084: Destructive attack on hybrid environment
2023-04-07 16:00:00
talosblog
talosblog
How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity
2024-02-21 13:54:48
rapid7blog
rapid7blog
Metasploit Framework 6.4 Released
2024-03-25 13:33:28
[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability
2022-01-19 21:47:30
3 Reasons to Join Rapid7’s Cloud Security Summit
2022-03-09 17:06:13
openvas
openvas
Debian: Security Advisory (DLA-2842-1)
2021-12-13 00:00:00
openSUSE: Security Advisory for logback (openSUSE-SU-2021:1613-1)
2022-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34
2021-12-22 01:14:26
kaspersky
kaspersky
KLA12395 RCE vulnerability in Microsoft SQL Server
2021-12-16 00:00:00
KLA12390 RCE vulnerability in Apache Log4j
2021-12-10 00:00:00
KLA12392 RCE vulnerability in Microsoft Azure
2021-12-16 00:00:00
threatpost
threatpost
The 5 Most-Wanted Threatpost Stories of 2021
2021-12-27 18:57:24
Wormhole Crypto Platform: 'Funds Are Safe' After $314M Heist
2022-02-03 18:28:14
Medusa Malware Joins Flubot's Android Distribution Network
2022-02-07 22:13:29
qualysblog
qualysblog
Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation
2021-12-28 18:00:00
Qualys Study Reveals How Enterprises Responded to Log4Shell
2022-03-18 13:00:00
impervablog
impervablog
Analytics Are Essential for Effective Database Security
2022-01-13 15:23:02
Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions
2021-12-14 22:55:49
hackerone
hackerone
U.S. Dept Of Defense: ███ ████████ running a vulnerable log4j
2021-12-31 00:55:49
U.S. Dept Of Defense: ██████████ running a vulnerable log4j
2021-12-11 00:16:38
veracode
veracode
Remote Code Execution (RCE)
2021-12-10 15:09:45
cve
cve
CVE-2021-44228
2021-12-10 10:15:09
wallarmlab
wallarmlab
Update on Log4Shell (CVE-2021-44228)
2021-12-10 20:22:36
5 things you must know about Log4Shell
2021-12-11 01:22:39
trendmicroblog
trendmicroblog
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
2021-12-13 00:00:00
redhat
redhat
akamaiblog
akamaiblog
cisa
cisa
amd
amd
AMD Response to Log4j (Log4Shell) Vulnerability
2021-12-15 00:00:00
zdt
zdt
VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit
2022-01-20 00:00:00
Apache Log4j2 2.14.1 - Information Disclosure Exploit
2021-12-14 00:00:00
mageia
mageia
Updated log4j packages fix security vulnerability
2021-12-11 04:02:37
metasploit
metasploit
VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)
2022-01-12 20:34:45
f5
f5
K19026212 : Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228
2021-12-10 00:00:00
thn
thn
freebsd
freebsd
bastillion -- log4j vulnerability
2021-12-10 00:00:00
serviio -- affected by log4j vulnerability
2021-12-13 00:00:00
malwarebytes
malwarebytes
What SMBs can do to protect against Log4Shell attacks
2021-12-15 20:59:31
suse
suse
Security update for log4j (important)
2021-12-13 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.976 High
EPSS
Percentile
100.0%
Related for 58EF8145-CD0F-540D-BD38-E3B6679A607C