Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubexploitFA2E2C3F-6F4C-5B17-ABFC-FC95FA17C474
HistoryApr 15, 2023 - 12:47 p.m.

Exploit for Expression Language Injection in Apache Log4J

2023-04-1512:47:39
119
apache log4j
exploit
resource consumption
fork bomb
cve-2021-44228
jre.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

log4j-exploit-with-fork-bomb

💣💥💀 Proof of Concept: пример запу…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

Related

githubexploit 80
suse 3
github 2
openvas 1
ibm 64
impervablog 1
redhat 2
qualysblog 3
rapid7blog 5
debian 1
kitploit 2
nessus 6
mssecure 1
hivepro 3
hackerone 2
msrc 1
ics 2
mmpc 2
zdt 1
wordfence 1
exploitdb 1
osv 2
metasploit 1
qt 1
kaspersky 1
freebsd 1
cisa 2
ubuntu 1
threatpost 3
fedora 1
thn 2
githubexploit
githubexploit
Exploit for Expression Language Injection in Apache Log4J
2021-12-13 00:14:45
Exploit for Expression Language Injection in Apache Log4J
2021-12-19 17:53:31
Exploit for Deserialization of Untrusted Data in Apache Log4J
2022-12-30 02:46:33
suse
suse
Security update for log4j (important)
2021-12-15 00:00:00
Security update for log4j (important)
2021-12-15 00:00:00
Security update for logback (important)
2021-12-17 00:00:00
github
github
Critical vulnerability in log4j may affect generated PEAR projects
2021-12-16 21:01:51
Using GitHub’s security features to help identify Log4j exposure in your codebase
2021-12-14 19:46:00
openvas
openvas
openSUSE: Security Advisory for logback (openSUSE-SU-2021:4109-1)
2022-02-01 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Transformation Advisor is affected by Apache Log4j vulnerability (CVE-2021-44228)
2022-12-05 19:00:57
Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects MaaS360 Enterprise Gateway
2021-12-17 13:57:26
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Scale (CVE-2021-44228)
2021-12-22 18:58:03
impervablog
impervablog
How We’re Protecting Customers & Staying Ahead of CVE-2021-44228
2021-12-11 02:31:39
redhat
redhat
(RHSA-2021:5138) Critical: Red Hat AMQ Streams 1.8.4 release and security update
2021-12-14 21:45:43
(RHSA-2021:5140) Low: Red Hat JBoss Enterprise Application Platform 7.4 security update
2021-12-15 02:55:01
qualysblog
qualysblog
Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR
2021-12-14 23:55:59
What’s Next After Log4Shell?
2023-02-22 03:36:56
How to Make Log4Shell Remediation Quick & Effective
2022-01-11 16:58:48
rapid7blog
rapid7blog
Test for Log4Shell With InsightAppSec Using New Functionality
2021-12-22 21:50:50
5 Security Projects That Are Giving Back
2022-01-04 18:44:58
Using InsightVM to Find Apache Log4j CVE-2021-44228
2021-12-14 14:17:29
debian
debian
[SECURITY] [DLA 2842-1] apache-log4j2 security update
2021-12-12 15:09:37
kitploit
kitploit
Log4J-Detect - Script To Detect The "Log4j" Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading
2022-01-06 11:30:00
CVE-Vulnerability-Information-Downloader - Downloads Information From NIST (CVSS), First.Org (EPSS), And CISA (Exploited Vulnerabilities) And Combines Them Into One List
2023-02-25 11:30:00
nessus
nessus
Apache JSPWiki Log4Shell Direct Check (CVE-2021-44228)
2022-01-07 00:00:00
VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
2022-01-21 00:00:00
MobileIron Core Log4Shell Direct Check (CVE-2021-44228)
2022-01-21 00:00:00
mssecure
mssecure
Build a stronger cybersecurity team through diversity and training
2022-01-20 17:00:00
hivepro
hivepro
Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon
2022-04-05 12:57:28
Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs
2023-12-13 06:46:17
Monti ransomware infiltrates networks via the well-known Log4Shell
2022-09-16 10:51:13
hackerone
hackerone
U.S. Dept Of Defense: LOGJ4 VUlnerability [HtUS]
2022-07-04 14:01:23
Acronis: [CVE-2021-44228] Arbitrary Code Execution on ng01-cloud.acronis.com
2022-01-25 07:33:15
msrc
msrc
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
2021-12-12 08:00:00
ics
ics
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
2022-11-25 12:00:00
Sensormatic PowerManage (Update A)
2022-03-08 12:00:00
mmpc
mmpc
MERCURY and DEV-1084: Destructive attack on hybrid environment
2023-04-07 16:00:00
Build a stronger cybersecurity team through diversity and training
2022-01-20 17:00:00
zdt
zdt
MobileIron Log4Shell Remote Command Execution Exploit
2022-08-04 00:00:00
wordfence
wordfence
Analyzing Attack Data and Trends Targeting Log4J
2022-08-02 14:06:05
exploitdb
exploitdb
Apache Log4j2 2.14.1 - Information Disclosure
2021-12-14 00:00:00
osv
osv
Apache Log4j Remote Code Execution
2021-12-14 21:07:14
apache-log4j2 - security update
2021-12-12 00:00:00
metasploit
metasploit
UniFi Network Application Unauthenticated JNDI Injection RCE (via Log4Shell)
2022-01-19 22:51:31
qt
qt
The Qt Company Products Are Not Affected by CVE-2021-44228 (Log4j vulnerability)
2021-12-15 00:00:00
kaspersky
kaspersky
KLA12393 RCE vulnerability in Microsoft System Center
2021-12-16 00:00:00
freebsd
freebsd
openhab -- log4j remote code injection
2021-12-10 00:00:00
cisa
cisa
Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation
2021-12-10 00:00:00
Ivanti Updates Log4j Advisory with Security Updates for Multiple Products  
2022-01-14 00:00:00
ubuntu
ubuntu
Apache Log4j 2 vulnerability
2021-12-17 00:00:00
threatpost
threatpost
Conti Ransomware Gang Has Full Log4Shell Attack Chain
2021-12-20 22:11:30
FTC to Go After Companies that Ignore Log4j
2022-01-05 19:00:03
The Log4j Vulnerability Puts Pressure on the Security World
2022-01-18 20:21:04
fedora
fedora
[SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34
2021-12-22 01:14:26
thn
thn
NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon
2022-01-08 07:04:00
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
2022-08-27 03:23:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON
Related for FA2E2C3F-6F4C-5B17-ABFC-FC95FA17C474
githubexploit80suse3github2openvas1ibm64impervablog1redhat2qualysblog3rapid7blog5debian1kitploit2nessus6mssecure1hivepro3hackerone2msrc1ics2mmpc2zdt1wordfence1exploitdb1osv2metasploit1qt1kaspersky1freebsd1cisa2ubuntu1threatpost3fedora1thn2