Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubexploitB5D61CFC-8A10-5D92-B72B-D002C1D7AF33
HistoryDec 14, 2021 - 10:27 p.m.

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-1422:27:14
14
apache log4j
deserialization
python scanner
vulnerabilities
file-system
shaded jars
class files
java archives

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

8

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON

log4shell-finder - Fastest file system scanner for log4j insta…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

Related

githubexploit 17
nessus 37
redhat 31
ibm 62
f5 1
openvas 12
mageia 1
arista 1
qualysblog 3
thn 3
rapid7blog 1
osv 5
ubuntu 1
oraclelinux 3
amazon 4
suse 3
almalinux 1
attackerkb 1
paloalto 1
citrix 1
debian 1
rocky 1
github 2
cisco 1
cert 1
checkpoint_security 1
gentoo 1
centos 1
atlassian 1
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-14 22:27:14
Exploit for Expression Language Injection in Apache Log4J
2021-12-11 11:18:46
Exploit for Deserialization of Untrusted Data in Apache Log4J
2022-01-29 14:26:55
nessus
nessus
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1296)
2022-04-12 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1297)
2022-04-12 00:00:00
GLSA-202402-16 : Apache Log4j: Multiple Vulnerabilities
2024-02-18 00:00:00
redhat
redhat
(RHSA-2022:1296) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
2022-04-11 12:43:56
(RHSA-2022:1299) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
2022-04-11 12:57:11
(RHSA-2022:1297) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
2022-04-11 12:43:59
ibm
ibm
IBM Sterling B2B Integrator and Sterling Filegateway NOT Affected by CVE-2021-4104, CVE-2021- 44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302 and CVE-2020-9488 Exploit
2022-03-03 20:50:59
Security Bulletin: Multiple vulnerabilities in Apache Log4j affect IBM Application Performance Management products
2023-09-25 08:35:10
Security Bulletin: IBM InfoSphere Information Server may be affected by vulnerabilities in Apache log4j 1.x version
2022-10-14 22:13:39
f5
f5
K34002344 : Overview of Log4j vulnerabilities (2021 and 2022)
2022-02-01 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0141)
2023-04-17 00:00:00
ILIAS < 5.4.26, 6.x < 6.14, 7.x < 7.5 ilServer Multiple Log4j Vulnerabilities
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-5998-1)
2023-04-06 00:00:00
mageia
mageia
Updated davmail packages fix security vulnerability
2023-04-15 22:03:44
arista
arista
Security Advisory 0070
2021-12-12 00:00:00
qualysblog
qualysblog
Is Your Web Application Exploitable By Log4Shell Vulnerability?
2021-12-15 17:06:36
New Options Profiles for Log4Shell Detection
2021-12-20 17:33:11
CVE-2021-44228: Apache Log4j2 Zero-Day Exploited in the Wild (Log4Shell)
2021-12-10 19:30:11
thn
thn
New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
2021-12-29 04:59:00
Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities
2022-01-05 05:12:00
New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability
2021-12-18 12:18:00
rapid7blog
rapid7blog
Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
2021-12-10 15:30:00
osv
osv
apache-log4j1.2 vulnerabilities
2023-04-05 21:26:34
apache-log4j1.2 - security update
2022-01-31 00:00:00
Important: parfait:0.5 security update
2022-01-26 14:27:19
ubuntu
ubuntu
Apache Log4j vulnerabilities
2023-04-05 00:00:00
oraclelinux
oraclelinux
log4j security update
2022-05-23 00:00:00
parfait:0.5 security update
2022-01-27 00:00:00
log4j security update
2022-02-08 00:00:00
amazon
amazon
Medium: log4j
2022-01-18 21:37:00
Important: log4j
2022-01-18 20:15:00
Important: log4j
2022-02-15 22:54:00
suse
suse
Security update for kafka (important)
2022-02-16 00:00:00
Security update for log4j12 (important)
2022-01-28 00:00:00
Security update for log4j (important)
2022-01-27 00:00:00
almalinux
almalinux
Important: parfait:0.5 security update
2022-01-26 14:27:19
attackerkb
attackerkb
CVE-2019-17571
2019-12-20 00:00:00
paloalto
paloalto
Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832
2021-12-10 21:45:00
citrix
citrix
Citrix Security Advisory for CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832.
2021-12-11 17:15:50
debian
debian
[SECURITY] [DLA 2905-1] apache-log4j1.2 security update
2022-01-31 14:24:44
rocky
rocky
parfait:0.5 security update
2022-01-26 14:27:19
github
github
GitHub’s response to Log4j vulnerability CVE-2021-44228
2021-12-13 19:06:34
Security Advisory for "Log4Shell"
2022-01-21 23:25:04
cisco
cisco
Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021
2021-12-10 18:45:00
cert
cert
Apache Log4j allows insecure JNDI lookups
2021-12-15 00:00:00
checkpoint_security
checkpoint_security
Check Point's response to Apache Log4j Remote Code Execution
2021-12-10 11:28:03
gentoo
gentoo
Apache Log4j: Multiple Vulnerabilities
2024-02-18 00:00:00
centos
centos
log4j security update
2022-02-07 16:47:44
atlassian
atlassian
Crowd: Multiple vulnerabilities in log4j < 1.2.7-atlassian-16
2022-05-18 08:53:01

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

8

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON
Related for B5D61CFC-8A10-5D92-B72B-D002C1D7AF33
githubexploit17nessus37redhat31ibm62f51openvas12mageia1arista1qualysblog3thn3rapid7blog1osv5ubuntu1oraclelinux3amazon4suse3almalinux1attackerkb1paloalto1citrix1debian1rocky1github2cisco1cert1checkpoint_security1gentoo1centos1atlassian1