Lucene search

604B2FE5-9DF8-5C70-878D-2CCFAA39A6C1

HistoryJan 05, 2022 - 4:13 a.m.

Exploit for Deserialization of Untrusted Data in Apache Log4J

2022-01-0504:13:59

187

9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

JSON

docker image build -t attacker-web dockers/attacker-web/
docker …

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

nessus

Apache Log4j 2.x < 2.16.0 RCE (MacOS) (deprecated)

2021-12-17 00:00:00

Ubuntu 20.04 LTS : Apache Log4j 2 vulnerability (USN-5197-1)

2021-12-15 00:00:00

Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2021-001)

2022-05-02 00:00:00

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-15 09:01:37

Exploit for Expression Language Injection in Apache Log4J

2021-12-18 11:43:56

Exploit for Expression Language Injection in Apache Log4J

2021-12-15 05:48:53

freebsd

OpenSearch -- Log4Shell

2021-12-14 00:00:00

graylog -- remote code execution in log4j from user-controlled log input

2021-11-14 00:00:00

cnvd

Apache log4j2 denial of service vulnerability

2021-12-16 00:00:00

kaspersky

KLA12391 RCE vulnerability in Apache Log4j

2021-12-14 00:00:00

osv

apache-log4j2 - security update

2021-12-16 00:00:00

Incomplete fix for Apache Log4j vulnerability

2021-12-14 18:01:28

CVE-2021-45046

2021-12-14 19:15:07

checkpoint_advisories

Apache Log4j Remote Code Execution (CVE-2021-44228; CVE-2021-45046)

2021-12-10 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty which are bundled in IBM WebSphere Hybrid Edition (CVE-2021-4104, CVE-2021-45046)

2022-01-05 21:21:18

Security Bulletin: Apache Log4j Vulnerability Affects IBM Secure Proxy (CVE-2021-44228)

2021-12-21 04:01:02

Security Bulletin: Multiple Vulnerabilities in Apache Log4j affect IBM Db2 Web Query for i

2021-12-21 17:06:21

redos

ROS-20211223-01

2021-12-23 00:00:00

fortinet

Apache log4j2 log messages substitution (CVE-2021-44228)

2021-12-12 00:00:00

securelist

CVE-2021-44228 vulnerability in Apache Log4j library

2021-12-13 14:10:21

Answering Log4Shell-related questions

2021-12-20 15:45:30

talosblog

Quarterly Report: Incident Response Trends in Q2 2022

2022-07-26 14:03:00

Quarterly Report: Incident Response Trends in Q3 2022

2022-10-25 12:00:00

vmware

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

2021-12-10 00:00:00

VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046)

2021-12-10 00:00:00

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

2021-12-10 00:00:00

redhat

(RHSA-2021:5108) Critical: OpenShift Container Platform 4.8.z security update

2021-12-14 14:18:30

(RHSA-2021:5106) Critical: OpenShift Container Platform 4.6.z security update

2021-12-16 06:06:42

(RHSA-2021:5094) Moderate: OpenShift Container Platform 3.11.z security update

2021-12-14 05:40:01

nuclei

Apache Log4j2 - Remote Code Injection

2021-12-23 15:41:50

openvas

Debian: Security Advisory (DSA-5022-1)

2021-12-17 00:00:00

Apache Log4j 2.0.x Multiple Vulnerabilities (SMTP, Log4Shell) - Active Check

2022-01-20 00:00:00

Elastic Elasticsearch Multiple Log4j Vulnerabilities (ESA-2021-31, Log4Shell) - Active Check

2022-07-29 00:00:00

amazon

Critical: java-1.8.0-openjdk, java-1.7.0-openjdk, java-1.6.0-openjdk

2021-12-17 17:39:00

Critical: java-17-amazon-corretto, java-11-amazon-corretto, java-1.8.0-openjdk, java-1.7.0-openjdk

2021-12-17 18:12:00

Critical: aws-kinesis-agent

2021-12-16 00:11:00

gentoo

Ubiquiti UniFi: remote code execution via bundled log4j

2023-10-26 00:00:00

prion

Default configuration

2021-12-14 19:15:00

Authorization

2022-08-24 16:15:00

Race condition

2022-06-17 13:15:00

veracode

Denial Of Service (DoS)

2021-12-15 00:30:50

suse

Security update for log4j (important)

2021-12-20 00:00:00

Security update for log4j (important)

2021-12-17 00:00:00

thn

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

2022-12-09 11:25:00

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

2021-12-15 05:26:00

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

2021-12-16 06:24:00

cve

CVE-2021-45046

2021-12-14 19:15:00

CVE-2021-4125

2022-08-24 16:15:00

redhatcve

CVE-2021-45046

2022-05-07 14:27:31

threatpost

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

2021-12-30 16:16:23

mssecure

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

2022-08-25 16:00:00

intel

Intel® Product Advisory for Apache Log4j2 Vulnerabilities (CVE-2021-44228 & CVE-2021-45046)

2022-01-12 00:00:00

ubuntu

Apache Log4j 2 vulnerability

2021-12-15 00:00:00

typo3

Statement on Recent log4j/log4shell Vulnerabilities (CVE-2021-44228)

2021-12-16 00:00:00

debiancve

CVE-2021-45046

2021-12-14 19:15:00

kitploit

Log4J-Detector - Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046

2021-12-20 04:38:00

log4j-scan - A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

2021-12-20 11:30:00

rapid7blog

How to Protect Your Applications Against Log4Shell With tCell

2021-12-15 14:58:14

impervablog

Log4Shell log4j Remote Code Execution – The COVID of the Internet

2022-01-06 16:41:56

malwarebytes

[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day “Log4Shell” arrives just in time to ruin your weekend

2021-12-10 18:03:28

mmpc

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

2022-08-25 16:00:00

github

Remote code injection in Log4j

2021-12-10 00:40:56

Incomplete fix for Apache Log4j vulnerability

2021-12-14 18:01:28

cisa_kev

Apache Log4j2 Deserialization of Untrusted Data Vulnerability

2023-05-01 00:00:00

mageia

Updated log4j packages fix security vulnerability

2021-12-19 15:26:08

K32171392 : Apache Log4j2 vulnerability CVE-2021-45046

2021-12-16 00:00:00

huawei

Security Advisory - Apache log4j2 remote code execution vulnerabilities in some Huawei products

2021-12-15 00:00:00

ubuntucve

CVE-2021-45046

2021-12-14 00:00:00

debian

[SECURITY] [DSA 5022-1] apache-log4j2 security update

2021-12-16 10:29:17

attackerkb

CVE-2021-45046

2021-12-14 00:00:00

CVE-2021-44228 (Log4Shell)

2022-02-08 00:00:00

fedora

[SECURITY] Fedora 34 Update: log4j-2.17.0-1.fc34

2021-12-27 00:56:30

avleonov

Log4j “Log4Shell” RCE explained (CVE-2021-44228)

2021-12-26 22:07:17

qualysblog

How to Discover Log4Shell Vulnerabilities in Running Containers & Images

2021-12-27 19:39:34

symantec

Symantec Security Advisory for Log4j Vulnerability

2021-12-11 01:06:47

9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

JSON

Exploit for Deserialization of Untrusted Data in Apache Log4J

Related