Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

BFBBD550-B2CF-524B-87F6-D0A8980CDFD3

HistoryDec 13, 2021 - 4:14 a.m.

Vulners
/
Githubexploit
/
Exploit for Expression Language Injection in Apache Log4J

Exploit for Expression Language Injection in Apache Log4J

2021-12-1304:14:18

409

linux

windows

vulnerability

log4j

script

security

cve-2021-44228

java

hash checking

lunasec.io

powershell

server

client

jar/war/ear

sha256 hashes

exploit

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

log4j_checker_beta - Linux, macOS and Windows Scripts

If you …

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

githubexploit 96

nessus 9

suse 1

ibm 40

ubuntu 1

threatpost 9

fedora 1

hackerone 4

thn 3

rapid7blog 3

cisa 1

mmpc 1

packetstorm 3

zdt 1

kitploit 1

metasploit 1

hivepro 1

osv 3

trellix 1

openvas 4

nvd 1

wallarmlab 1

freebsd 1

github 1

trendmicroblog 1

redhat 3

impervablog 2

kaspersky 3

akamaiblog 1

qualysblog 1

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-15 05:19:13

Exploit for Expression Language Injection in Apache Log4J

2021-12-15 13:14:34

Exploit for Expression Language Injection in Apache Log4J

2021-12-14 21:47:04

nessus

FreeBSD : serviio -- affected by log4j vulnerability (1ea05bb8-5d74-11ec-bb1e-001517a2e1a4)

2021-12-15 00:00:00

Cisco Identity Services Log4j Engine Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)

2022-05-02 00:00:00

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2022-1806)

2022-06-16 00:00:00

suse

Security update for log4j (important)

2021-12-12 00:00:00

ibm

Security Bulletin: Vulnerability in Apache Log4j addressed in IBM Spectrum Conductor

2022-01-07 16:23:40

Security Bulletin: IBM Security Verify Governance Products NOT Affected by CVE-2021-44228 Exploit

2022-04-04 21:53:13

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

2021-12-17 17:30:47

ubuntu

Apache Log4j 2 vulnerability

2021-12-17 00:00:00

threatpost

Conti Ransomware Gang Has Full Log4Shell Attack Chain

2021-12-20 22:11:30

FTC to Go After Companies that Ignore Log4j

2022-01-05 19:00:03

The Log4j Vulnerability Puts Pressure on the Security World

2022-01-18 20:21:04

fedora

[SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34

2021-12-22 01:14:26

hackerone

U.S. Dept Of Defense: Log4Shell: RCE 0-day exploit on █████████

2021-12-16 18:32:13

MTN Group: Remote code injection in Log4j on http://mtn1app.mtncameroon.net - CVE-2021-44228

2021-12-14 03:55:04

Acronis: [forum.acronis.com] JNDI Code Injection due an outdated log4j component

2021-12-19 06:07:01

thn

NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon

2022-01-08 07:04:00

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

2022-08-27 03:23:00

Last Years Open Source - Tomorrow's Vulnerabilities

2022-11-01 12:04:00

rapid7blog

Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List

2022-01-14 14:46:41

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

2022-02-17 18:00:00

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

2021-12-14 21:05:17

cisa

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

2022-01-14 00:00:00

mmpc

Build a stronger cybersecurity team through diversity and training

2022-01-20 17:00:00

packetstorm

UniFi Network Application Unauthenticated Log4Shell Remote Code Execution

2022-01-24 00:00:00

Apache Log4j2 2.14.1 Information Disclosure

2021-12-14 00:00:00

Log4Shell HTTP Header Injection

2022-01-12 00:00:00

zdt

UniFi Network Application Unauthenticated Log4Shell Remote Code Execution Exploit

2022-01-24 00:00:00

kitploit

NodeSecurityShield - A Developer And Security Engineer Friendly Package For Securing NodeJS Applications

2022-05-14 21:30:00

metasploit

Log4Shell HTTP Header Injection

2021-12-29 14:10:07

hivepro

Monti ransomware infiltrates networks via the well-known Log4Shell

2022-09-16 10:51:13

osv

apache-log4j2 - security update

2021-12-12 00:00:00

apache-log4j2 vulnerability

2021-12-17 12:46:46

apache-log4j2 vulnerability

2021-12-14 13:39:20

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

openvas

Fedora: Security Advisory for log4j (FEDORA-2021-66d6c484f3)

2021-12-23 00:00:00

Apache JSPWiki 2.11.0 Log4j RCE Vulnerability (Log4Shell) - Active Check

2021-12-20 00:00:00

Opencast < 9.10, 10.x < 10.6 Log4j RCE Vulnerability (GHSA-mf4f-j588-5xm8, Log4Shell)

2022-09-12 00:00:00

nvd

CVE-2021-44228

2021-12-10 10:15:09

wallarmlab

Log4j 0day mitigation update CVE-2021-44228

2021-12-10 20:56:40

freebsd

graylog -- include log4j patches

2021-12-10 00:00:00

github

Apache Log4j Remote Code Execution

2021-12-14 21:07:14

trendmicroblog

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

2021-12-13 00:00:00

redhat

(RHSA-2021:5126) Critical: Red Hat Integration Camel Extensions for Quarkus GA security update

2021-12-14 16:15:45

(RHSA-2021:5093) Critical: Red Hat build of Eclipse Vert.x 4.1.5 SP1 security update

2021-12-14 15:57:34

(RHSA-2021:5130) Critical: Red Hat Integration Camel-K 1.6.2 release and security update

2021-12-14 17:51:25

impervablog

Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions

2021-12-14 22:55:49

Analytics Are Essential for Effective Database Security

2022-01-13 15:23:02

kaspersky

KLA12390 RCE vulnerability in Apache Log4j

2021-12-10 00:00:00

KLA12392 RCE vulnerability in Microsoft Azure

2021-12-16 00:00:00

KLA12395 RCE vulnerability in Microsoft SQL Server

2021-12-16 00:00:00

akamaiblog

Threat Intelligence on Log4j CVE: Key Findings and Their Implications

2021-12-17 19:30:00

qualysblog

Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation

2021-12-28 18:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

Related for BFBBD550-B2CF-524B-87F6-D0A8980CDFD3