Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

Microsoft Security Response CenterMSRC:9783BD8B3A34301D0C5C34D252854BDF

HistoryDec 12, 2021 - 8:00 a.m.

CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応

2021-12-1208:00:00

Microsoft Security Response Center

link

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.976 High

EPSS

Percentile

100.0%

JSON

本ブログは、Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 の抄訳版です。最新の情報は、元記事を参照してください。

ibm 51

cisa 1

githubexploit 44

threatpost 44

msrc 2

nessus 13

trendmicroblog 1

cisa_kev 1

redhat 3

akamaiblog 1

packetstorm 4

hackerone 2

rapid7blog 9

veracode 1

impervablog 3

talosblog 1

kaspersky 2

wallarmlab 1

mssecure 1

hivepro 1

fedora 1

qualysblog 1

trellix 1

openvas 3

amd 1

cve 1

osv 1

malwarebytes 1

suse 1

thn 1

f5 1

ibm

Security Bulletin: Apache Log4j vulnerability impacts IBM Watson Knowledge Catalog in Cloud Pak for Data (CVE-2021-44228)

2022-03-21 11:39:47

Security Bulletin: Apache Log4j Vulnerability Affects IBM Sterling Control Center (CVE-2021-44228)

2021-12-17 18:27:06

Security Bulletin: IBM Netcool Agile Service Manager is affected by a vulnerability in Apache Log4j (CVE-2021-44228)

2021-12-23 18:45:10

cisa

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

2022-06-23 00:00:00

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2022-01-27 07:07:30

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-20 10:40:32

Exploit for Improper Input Validation in Apache Log4J

2021-12-21 08:13:35

threatpost

UK Cops Collar 7 Suspected Lapsus$ Gang Members

2022-03-24 21:23:30

Tax-Season Scammers Spoof Fintechs, Including Stash, Public

2022-03-24 13:00:16

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

2022-03-18 18:53:40

msrc

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 05:28:18

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 08:00:00

nessus

VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)

2022-01-07 00:00:00

VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)

2021-12-13 00:00:00

Cisco SD-WAN vManage Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)

2022-05-16 00:00:00

trendmicroblog

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

2021-12-13 00:00:00

cisa_kev

Apache Log4j2 Remote Code Execution Vulnerability

2021-12-10 00:00:00

redhat

(RHSA-2021:5093) Critical: Red Hat build of Eclipse Vert.x 4.1.5 SP1 security update

2021-12-14 15:57:34

(RHSA-2021:5130) Critical: Red Hat Integration Camel-K 1.6.2 release and security update

2021-12-14 17:51:25

(RHSA-2021:5126) Critical: Red Hat Integration Camel Extensions for Quarkus GA security update

2021-12-14 16:15:45

akamaiblog

Threat Intelligence on Log4j CVE: Key Findings and Their Implications

2021-12-17 19:30:00

packetstorm

Intel Data Center Manager 5.1 Local Privilege Escalation

2022-12-09 00:00:00

MobileIron Log4Shell Remote Command Execution

2022-08-03 00:00:00

Log4Shell HTTP Header Injection

2022-01-12 00:00:00

hackerone

U.S. Dept Of Defense: ██████████ running a vulnerable log4j

2021-12-11 00:16:38

U.S. Dept Of Defense: ███ ████████ running a vulnerable log4j

2021-12-31 00:55:49

rapid7blog

What's New in InsightVM and Nexpose: Q1 2022 in Review

2022-04-19 17:52:17

3 Reasons to Join Rapid7’s Cloud Security Summit

2022-03-09 17:06:13

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

2021-12-14 21:05:17

veracode

Remote Code Execution (RCE)

2021-12-10 15:09:45

impervablog

Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions

2021-12-14 22:55:49

Analytics Are Essential for Effective Database Security

2022-01-13 15:23:02

2021 in Review, Part 3: 5 Things Security Professionals Were Discussing this Year

2021-12-30 13:26:47

talosblog

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

2024-02-21 13:54:48

kaspersky

KLA12395 RCE vulnerability in Microsoft SQL Server

2021-12-16 00:00:00

KLA12392 RCE vulnerability in Microsoft Azure

2021-12-16 00:00:00

wallarmlab

Update on Log4Shell (CVE-2021-44228)

2021-12-10 20:22:36

mssecure

MERCURY and DEV-1084: Destructive attack on hybrid environment

2023-04-07 16:00:00

hivepro

Iranian hackers leveraged Log4Shell to penetrate US federal agency

2022-11-17 12:28:57

fedora

[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34

2021-12-22 01:14:26

qualysblog

Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation

2021-12-28 18:00:00

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

openvas

openSUSE: Security Advisory for logback (openSUSE-SU-2021:1613-1)

2022-02-01 00:00:00

Debian: Security Advisory (DLA-2842-1)

2021-12-13 00:00:00

Apache Struts 2.5.x Log4j RCE Vulnerability (Log4Shell) - Version Check

2021-12-13 00:00:00

amd

AMD Response to Log4j (Log4Shell) Vulnerability

2021-12-15 00:00:00

cve

CVE-2021-44228

2021-12-10 10:15:00

osv

Critical vulnerability in log4j may affect generated PEAR projects

2021-12-16 21:01:51

malwarebytes

What SMBs can do to protect against Log4Shell attacks

2021-12-15 20:59:31

suse

Security update for log4j (important)

2021-12-13 00:00:00

thn

China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

2021-12-22 11:53:00

K19026212 : Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228

2021-12-10 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.976 High

EPSS

Percentile

100.0%

JSON

Related for MSRC:9783BD8B3A34301D0C5C34D252854BDF