Lucene search
AkamaiAKAMAIBLOG:B0985AEDEB4DAED26BDA30B9488D329DHistoryDec 10, 2021 - 9:00 p.m.
CVE-2021-44228 - Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
2021-12-1021:00:00
Akamai
www.akamai.com
189
cve-2021-44228
apache log4j
remote code execution
akamai
vulnerability
customer exposure
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
0.965
Percentile
99.6%
See how Akamai helped open-source logging library Log4j fight against a critical unauthenticated remote code execution (RCE) vulnerability and reduce customer exposure.
Related
trendmicroblog
trendmicroblog
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
2021-12-13 00:00:00
githubexploit
githubexploit
Exploit for Expression Language Injection in Apache Log4J
2021-12-12 15:29:20
Exploit for Expression Language Injection in Apache Log4J
2021-12-13 18:35:16
Exploit for Expression Language Injection in Apache Log4J
2021-12-14 19:29:11
threatpost
threatpost
Where the Latest Log4Shell Attacks Are Coming From
2021-12-13 19:00:01
What the Log4Shell Bug Means for SMBs: Experts Weigh In
2021-12-14 17:54:47
The 5 Most-Wanted Threatpost Stories of 2021
2021-12-27 18:57:24
nessus
nessus
VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
2021-12-13 00:00:00
FreeBSD : graylog -- include log4j patches (3fadd7e4-f8fb-45a0-a218-8fd6423c338f)
2021-12-13 00:00:00
FreeBSD : OpenSearch -- Log4Shell (4b1ac5a3-5bd4-11ec-8602-589cfc007716)
2021-12-13 00:00:00
redhat
redhat
rapid7blog
rapid7blog
Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations
2021-12-14 21:05:17
3 Reasons to Join Rapid7’s Cloud Security Summit
2022-03-09 17:06:13
Metasploit Framework 6.4 Released
2024-03-25 13:33:28
ibm
ibm
Security Bulletin: IBM Security Verify Privilege Products NOT Affected by CVE-2021-44228 Exploit
2021-12-13 13:37:26
Security Bulletin: IBM Security Directory Integrator NOT Affected by CVE-2021-44228 Exploit
2021-12-16 04:19:55
Security Bulletin: Vulnerability exists in Watson Explorer (CVE-2021-44228)
2021-12-16 13:28:20
qualysblog
qualysblog
Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation
2021-12-28 18:00:00
Detect Exploitation Attempts With Qualys XDR (Beta)
2021-12-14 23:55:43
packetstorm
packetstorm
Log4Shell HTTP Header Injection
2022-01-12 00:00:00
Intel Data Center Manager 5.1 Local Privilege Escalation
2022-12-09 00:00:00
MobileIron Log4Shell Remote Command Execution
2022-08-03 00:00:00
impervablog
impervablog
Analytics Are Essential for Effective Database Security
2022-01-13 15:23:02
Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions
2021-12-14 22:55:49
hackerone
hackerone
U.S. Dept Of Defense: ███ ████████ running a vulnerable log4j
2021-12-31 00:55:49
U.S. Dept Of Defense: ██████████ running a vulnerable log4j
2021-12-11 00:16:38
amd
amd
AMD Response to Log4j (Log4Shell) Vulnerability
2021-12-15 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2021-12-10 15:09:45
cisa
cisa
CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228
2021-12-13 00:00:00
cisa_kev
cisa_kev
Apache Log4j2 Remote Code Execution Vulnerability
2021-12-10 00:00:00
osv
osv
Critical vulnerability in log4j may affect generated PEAR projects
2021-12-16 21:01:51
log4j-2.13.2-2.1 on GA media
2024-06-15 00:00:00
apache-log4j2 - security update
2021-12-11 00:00:00
hivepro
hivepro
Iranian hackers leveraged Log4Shell to penetrate US federal agency
2022-11-17 12:28:57
msrc
msrc
CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応
2021-12-12 08:00:00
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
2021-12-12 05:28:18
trellix
trellix
Log4J and The Memory That Knew Too Much
2022-01-19 00:00:00
mssecure
mssecure
MERCURY and DEV-1084: Destructive attack on hybrid environment
2023-04-07 16:00:00
wallarmlab
wallarmlab
Update on Log4Shell (CVE-2021-44228)
2021-12-10 20:22:36
5 things you need to know about Log4Shell (CVE-2021-44228)
2021-12-10 20:40:07
fedora
fedora
[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34
2021-12-22 01:14:26
[SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35
2021-12-13 17:13:00
talosblog
talosblog
How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity
2024-02-21 13:54:48
openvas
openvas
Debian: Security Advisory (DLA-2842-1)
2021-12-13 00:00:00
openSUSE: Security Advisory for logback (openSUSE-SU-2021:1613-1)
2022-02-01 00:00:00
Fedora: Security Advisory for log4j (FEDORA-2021-f0f501d01f)
2021-12-15 00:00:00
akamaiblog
akamaiblog
kaspersky
kaspersky
KLA12392 RCE vulnerability in Microsoft Azure
2021-12-16 00:00:00
KLA12390 RCE vulnerability in Apache Log4j
2021-12-10 00:00:00
KLA12395 RCE vulnerability in Microsoft SQL Server
2021-12-16 00:00:00
cve
cve
CVE-2021-44228
2021-12-10 10:15:09
ubuntu
ubuntu
Apache Log4j 2 vulnerability
2021-12-14 00:00:00
zdt
zdt
Apache Log4j 2 - Remote Code Execution Exploit
2021-12-14 00:00:00
prion
prion
Default configuration
2021-12-10 10:15:00
cvelist
cvelist
thn
thn
SASE Threat Report: 8 Key Findings for Enterprise Security
2024-06-03 10:56:00
Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk
2021-12-11 04:18:00
debiancve
debiancve
CVE-2021-44228
2021-12-10 10:15:09
vmware
vmware
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
0.965
Percentile
99.6%
Related for AKAMAIBLOG:B0985AEDEB4DAED26BDA30B9488D329D