Lucene search

Exploit for Deserialization of Untrusted Data in Apache Log4J

🗓️ 16 Jan 2022 16:19:39Type

Apache Log4J exploit for log4shell injection, vulnerable to CVE-2021-44228. log4stdin.jar uses Maven artefacts log4j-api 2.14.1 and log4j-core 2.14.1, allowing JNDI injection point.

Reporter	Title	Published	Views	Family All 200
Tenable Nessus	FreeBSD : graylog -- include log4j patches (3fadd7e4-f8fb-45a0-a218-8fd6423c338f)	13 Dec 202100:00	–	nessus
Tenable Nessus	Ubuntu 16.04 ESM : Apache Log4j 2 vulnerability (USN-5192-2)	17 Dec 202100:00	–	nessus
Tenable Nessus	VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)	13 Dec 202100:00	–	nessus
Tenable Nessus	FreeBSD : OpenSearch -- Log4Shell (4b1ac5a3-5bd4-11ec-8602-589cfc007716)	13 Dec 202100:00	–	nessus
Tenable Nessus	VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)	7 Jan 202200:00	–	nessus
Tenable Nessus	Cisco SD-WAN vManage Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)	16 May 202200:00	–	nessus
IBM Security Bulletins	Security Bulletin: IBM Insurance Information Warehouse is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)	30 Dec 202118:32	–	ibm
IBM Security Bulletins	Security Bulletin: Content Manager OnDemand for Multiplatforms is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)	13 Jul 202212:39	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Log4j affects IBM Data Risk Manager (CVE-2021-44228)	16 Dec 202104:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in SANNav Software used by IBM b-type SAN directors and switches.	20 Dec 202121:32	–	ibm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Jan 2022 16:39Current

10High risk

Vulners AI Score10

CVSS29.3

CVSS310

EPSS0.97112