Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache WAF rules to include mitigation for this Zero Day CVE, and updating the Log4j library to version 2.15.0 or later.

kitploit 2

threatpost 43

qualysblog 2

rapid7blog 2

malwarebytes 1

hackerone 2

ibm 46

osv 5

mscve 1

cisa 3

nessus 9

suse 1

impervablog 2

redhat 2

kaspersky 1

thn 5

debiancve 1

vmware 2

ubuntu 1

githubexploit 45

fedora 1

zdt 3

openvas 9

prion 1

veeam 1

packetstorm 1

wallarmlab 1

akamaiblog 1

cvelist 1

hivepro 1

nvd 1

metasploit 1

trellix 1

kitploit

Ox4Shell - Deobfuscate Log4Shell Payloads With Ease

2022-08-24 12:30:00

NodeSecurityShield - A Developer And Security Engineer Friendly Package For Securing NodeJS Applications

2022-05-14 21:30:00

threatpost

Zenly Social-Media App Bugs Allow Account Takeover

2022-02-24 20:07:34

Microsoft Takedown Domains Used in Cyberattack Against Ukraine

2022-04-11 17:26:25

Roaming Mantis Expands Android Backdoor to Europe

2022-02-07 17:32:14

qualysblog

Put SecOps in the Driver’s Seat with Custom Assessment and Remediation

2022-05-20 13:00:00

Detect Exploitation Attempts With Qualys XDR (Beta)

2021-12-14 23:55:43

rapid7blog

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

2022-05-31 13:22:17

Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List

2022-01-14 14:46:41

malwarebytes

CISA Log4Shell warning: Patch VMware Horizon installations immediately

2022-06-27 09:54:58

hackerone

Acronis: [CVE-2021-44228] nps.acronis.com is vulnerable to the recent log4shell 0-day

2021-12-13 23:42:16

U.S. Dept Of Defense: Log4Shell: RCE 0-day exploit on █████████

2021-12-16 18:32:13

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container Designer Authoring operands and Integration Server operands that use the JDBC connector may be vulnerable to remote code execution due to CVE-2021-44228

2022-01-31 13:23:43

Security Bulletin: Apache log4j Vulnerability Affects IBM Sterling Global Mailbox (CVE-2021-44228)

2022-01-19 16:20:26

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC

2022-01-10 12:57:48

osv

CVE-2021-44228

2021-12-10 10:15:09

apache-log4j2 - security update

2021-12-11 00:00:00

apache-log4j2 - security update

2021-12-12 00:00:00

mscve

Apache Log4j Remote Code Execution Vulnerability

2021-12-16 08:00:00

cisa

CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

2021-12-17 00:00:00

CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228

2021-12-13 00:00:00

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

2022-01-14 00:00:00

nessus

openSUSE 15 Security Update : log4j (openSUSE-SU-2021:1577-1)

2021-12-17 00:00:00

Apache Log4j < 2.15.0 Remote Code Execution (Windows)

2021-12-10 00:00:00

Ubuntu 18.04 LTS / 20.04 LTS : Apache Log4j 2 vulnerability (USN-5192-1)

2021-12-14 00:00:00

suse

Security update for logback (important)

2021-12-24 00:00:00

impervablog

2021 in Review, Part 1: 5 Cybersecurity Topics that Made News

2021-12-28 14:08:23

2021 in Review, Part 4: 5 Cybersecurity Topics to Watch in 2022

2022-01-04 10:44:57

redhat

(RHSA-2022:0082) Critical: Red Hat Process Automation Manager 7.11.1 security update

2022-01-11 10:28:38

(RHSA-2021:5132) Critical: Red Hat Data Grid 8.2.2 security update

2021-12-14 20:00:47

kaspersky

KLA12442 RCE vulnerability in LibreOffice

2021-12-16 00:00:00

thn

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

2022-01-13 08:37:00

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk

2021-12-11 04:18:00

Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution

2021-12-30 10:07:00

debiancve

CVE-2021-44228

2021-12-10 10:15:09

vmware

VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)

2021-12-10 00:00:00

VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)

2021-12-10 00:00:00

ubuntu

Apache Log4j 2 vulnerability

2021-12-14 00:00:00

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-14 22:50:05

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-17 18:45:19

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-14 05:24:52

fedora

[SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35

2021-12-13 17:13:00

zdt

Apache Log4j 2 - Remote Code Execution Exploit

2021-12-14 00:00:00

AD Manager Plus 7122 - Remote Code Execution Vulnerability

2023-04-02 00:00:00

Log4Shell HTTP Header Injection Exploit

2022-01-13 00:00:00

openvas

Fedora: Security Advisory for log4j (FEDORA-2021-f0f501d01f)

2021-12-15 00:00:00

Apache JSPWiki 2.11.0 Log4j RCE Vulnerability (Log4Shell) - Version Check

2021-12-20 00:00:00

Ubuntu: Security Advisory (USN-5192-1)

2021-12-15 00:00:00

prion

Default configuration

2021-12-10 10:15:00

veeam

Log4j Vulnerability (CVE-2021-44228)

2021-12-13 00:00:00

packetstorm

Apache Log4j2 2.14.1 Remote Code Execution

2021-12-14 00:00:00

wallarmlab

5 things you need to know about Log4Shell (CVE-2021-44228)

2021-12-10 20:40:07

akamaiblog

Our Journey to Detect Log4j-Vulnerable Machines

2021-12-27 19:30:00

cvelist

CVE-2021-44228 Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

2021-12-10 00:00:00

hivepro

Monti ransomware infiltrates networks via the well-known Log4Shell

2022-09-16 10:51:13

nvd

CVE-2021-44228

2021-12-10 10:15:09

metasploit

Log4Shell HTTP Header Injection

2021-12-29 14:10:07

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.976 High

EPSS

Percentile

100.0%

JSON

Related for AKAMAIBLOG:65F0FA2139A357151F74FA41EF42B50F