The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.

Affected configurations

NVD

Node

linuxlinux_kernelMatch-

AND

amazonlog4jhotpatchRange<1.1-13

References

alas.aws.amazon.com/AL2/ALAS-2021-1732.html

alas.aws.amazon.com/ALAS-2021-1554.html

unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities

amazon 2

nessus 14

prion 2

cvelist 2

cve 3

nvd 1

ibm 45

githubexploit 39

kaspersky 3

threatpost 37

trellix 1

osv 1

hivepro 1

msrc 2

impervablog 4

cisa_kev 1

rapid7blog 9

cisa 1

openvas 6

mssecure 1

redhat 4

hackerone 2

amd 1

fedora 1

trendmicroblog 1

packetstorm 3

talosblog 1

akamaiblog 1

qualysblog 1

veracode 1

wallarmlab 1

ics 1

nuclei 1

suse 1

mageia 1

freebsd 2

malwarebytes 1

amazon

Important: log4j-cve-2021-44228-hotpatch

2021-12-22 21:17:00

Important: log4j-cve-2021-44228-hotpatch

2021-12-22 21:18:00

nessus

Amazon Linux AMI : log4j-cve-2021-44228-hotpatch (ALAS-2021-1554)

2021-12-23 00:00:00

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2021-1732)

2021-12-23 00:00:00

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2022-1773)

2022-04-19 00:00:00

prion

Code injection

2022-04-19 23:15:00

Design/Logic Flaw

2022-04-19 23:15:00

cvelist

CVE-2021-3100 Log4j hot patch package privilege escalation

2022-04-19 00:00:00

CVE-2022-0070 Log4j hot patch package privilege escalation

2022-04-19 00:00:00

cve

CVE-2021-3100

2022-04-19 23:15:13

CVE-2022-0070

2022-04-19 23:15:13

CVE-2021-44228

2021-12-10 10:15:09

nvd

CVE-2022-0070

2022-04-19 23:15:13

ibm

Security Bulletin: IBM Maximo Application Suite is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

2022-02-23 18:56:25

Security Bulletin: The Apache Log4j (CVE-2021-44228) vulnerability affects z/TPF and TPF Operations Server

2021-12-20 20:53:23

Security Bulletin: IBM Security Directory Integrator NOT Affected by CVE-2021-44228 Exploit

2021-12-16 04:19:55

githubexploit

Exploit for Improper Input Validation in Apache Log4J

2021-12-22 15:15:12

Exploit for Expression Language Injection in Apache Log4J

2021-12-14 14:51:26

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-14 22:19:29

kaspersky

KLA12390 RCE vulnerability in Apache Log4j

2021-12-10 00:00:00

KLA12392 RCE vulnerability in Microsoft Azure

2021-12-16 00:00:00

KLA12395 RCE vulnerability in Microsoft SQL Server

2021-12-16 00:00:00

threatpost

Medusa Malware Joins Flubot's Android Distribution Network

2022-02-07 22:13:29

Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

2022-03-07 19:28:36

Russia Issues Its Own TLS Certs

2022-03-11 18:34:34

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

osv

Critical vulnerability in log4j may affect generated PEAR projects

2021-12-16 21:01:51

hivepro

Iranian hackers leveraged Log4Shell to penetrate US federal agency

2022-11-17 12:28:57

msrc

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 05:28:18

CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応

2021-12-12 08:00:00

impervablog

Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions

2021-12-14 22:55:49

Analytics Are Essential for Effective Database Security

2022-01-13 15:23:02

2021 in Review, Part 3: 5 Things Security Professionals Were Discussing this Year

2021-12-30 13:26:47

cisa_kev

Apache Log4j2 Remote Code Execution Vulnerability

2021-12-10 00:00:00

rapid7blog

Metasploit Framework 6.4 Released

2024-03-25 13:33:28

3 Reasons to Join Rapid7’s Cloud Security Summit

2022-03-09 17:06:13

[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability

2022-01-19 21:47:30

cisa

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

2022-06-23 00:00:00

openvas

Debian: Security Advisory (DLA-2842-1)

2021-12-13 00:00:00

openSUSE: Security Advisory for logback (openSUSE-SU-2021:1613-1)

2022-02-01 00:00:00

Fedora: Security Advisory for jansi (FEDORA-2021-66d6c484f3)

2021-12-23 00:00:00

mssecure

MERCURY and DEV-1084: Destructive attack on hybrid environment

2023-04-07 16:00:00

redhat

(RHSA-2021:5093) Critical: Red Hat build of Eclipse Vert.x 4.1.5 SP1 security update

2021-12-14 15:57:34

(RHSA-2021:5130) Critical: Red Hat Integration Camel-K 1.6.2 release and security update

2021-12-14 17:51:25

(RHSA-2021:5126) Critical: Red Hat Integration Camel Extensions for Quarkus GA security update

2021-12-14 16:15:45

hackerone

U.S. Dept Of Defense: ███ ████████ running a vulnerable log4j

2021-12-31 00:55:49

U.S. Dept Of Defense: ██████████ running a vulnerable log4j

2021-12-11 00:16:38

amd

AMD Response to Log4j (Log4Shell) Vulnerability

2021-12-15 00:00:00

fedora

[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34

2021-12-22 01:14:26

trendmicroblog

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

2021-12-13 00:00:00

packetstorm

MobileIron Log4Shell Remote Command Execution

2022-08-03 00:00:00

Log4Shell HTTP Header Injection

2022-01-12 00:00:00

Intel Data Center Manager 5.1 Local Privilege Escalation

2022-12-09 00:00:00

talosblog

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

2024-02-21 13:54:48

akamaiblog

Threat Intelligence on Log4j CVE: Key Findings and Their Implications

2021-12-17 19:30:00

qualysblog

Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation

2021-12-28 18:00:00

veracode

Remote Code Execution (RCE)

2021-12-10 15:09:45

wallarmlab

Update on Log4Shell (CVE-2021-44228)

2021-12-10 20:22:36

ics

Karakurt Data Extortion Group

2023-12-12 12:00:00

nuclei

Apache Log4j2 Remote Code Injection

2021-12-11 19:26:50

suse

Security update for log4j (important)

2021-12-13 00:00:00

mageia

Updated log4j packages fix security vulnerability

2021-12-11 04:02:37

freebsd

bastillion -- log4j vulnerability

2021-12-10 00:00:00

serviio -- affected by log4j vulnerability

2021-12-13 00:00:00

malwarebytes

What SMBs can do to protect against Log4Shell attacks

2021-12-15 20:59:31

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

0.976 High

EPSS

Percentile

100.0%

JSON

Related for NVD:CVE-2021-3100

amazon2 nessus14 prion2 cvelist2 cve3 nvd1 ibm45 githubexploit39 kaspersky3 threatpost37 trellix1 osv1 hivepro1 msrc2 impervablog4 cisa_kev1 rapid7blog9 cisa1 openvas6 mssecure1 redhat4 hackerone2 amd1 fedora1 trendmicroblog1 packetstorm3 talosblog1 akamaiblog1 qualysblog1 veracode1 wallarmlab1 ics1 nuclei1 suse1 mageia1 freebsd2 malwarebytes1