Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2022/04/21 12:20 p.m.64 views

Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug

The "hotpatch" released by Amazon Web Services AWS in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. "Aside from containers, unprivileged processes can also exploit the patch...

8.8CVSS1AI score0.00385EPSS
Exploits4
NVD
NVD
added 2022/04/19 11:15 p.m.26 views

CVE-2022-0070

Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to...

8.8CVSS0.00374EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/04/19 10:15 p.m.32 views

CVE-2022-0070 Log4j hot patch package privilege escalation

Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to...

8.8CVSS8.5AI score0.00374EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/04/19 12:0 a.m.217 views

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2022-1773)

The version of log4j-cve-2021-44228-hotpatch installed on the remote host is prior to 1.1-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1773 advisory. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic...

10CVSS7.5AI score0.99999EPSS
Exploits353References3
Amazon
Amazon
added 2022/04/19 12:0 a.m.166 views

Important: log4j-cve-2021-44228-hotpatch

Issue Overview: The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to. In order to mimic the Linux capabilities of the target process, Amazon Linu...

10CVSS8.4AI score0.99999EPSS
Exploits353
Rows per page
Query Builder