Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

FB83113C-AABD-5893-8DDE-332B57F4FDD4

HistoryDec 12, 2021 - 2:05 p.m.

Vulners
/
Githubexploit
/
Exploit for Expression Language Injection in Apache Log4J

Exploit for Expression Language Injection in Apache Log4J

2021-12-1214:05:05

453

log4j

improper input validation

cve-2021-44228

log4shell

log4j rce

security responders

affected components

affected apps

vendors

internal risk

external risk

patching

monitoring.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

log4j-log4shell-affected

Lists of affected components and affe…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

githubexploit 96

nessus 9

suse 1

ibm 40

ubuntu 1

threatpost 9

fedora 1

hackerone 4

thn 3

rapid7blog 3

cisa 1

mmpc 1

packetstorm 3

zdt 1

kitploit 1

metasploit 1

hivepro 1

osv 3

trellix 1

openvas 4

nvd 1

wallarmlab 1

freebsd 1

github 1

trendmicroblog 1

redhat 3

impervablog 2

kaspersky 3

akamaiblog 1

qualysblog 1

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-15 05:19:13

Exploit for Expression Language Injection in Apache Log4J

2021-12-15 13:14:34

Exploit for Expression Language Injection in Apache Log4J

2021-12-14 21:47:04

nessus

FreeBSD : serviio -- affected by log4j vulnerability (1ea05bb8-5d74-11ec-bb1e-001517a2e1a4)

2021-12-15 00:00:00

Cisco Identity Services Log4j Engine Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd)

2022-05-02 00:00:00

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2022-1806)

2022-06-16 00:00:00

suse

Security update for log4j (important)

2021-12-12 00:00:00

ibm

Security Bulletin: Vulnerability in Apache Log4j addressed in IBM Spectrum Conductor

2022-01-07 16:23:40

Security Bulletin: IBM Security Verify Governance Products NOT Affected by CVE-2021-44228 Exploit

2022-04-04 21:53:13

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

2021-12-17 17:30:47

ubuntu

Apache Log4j 2 vulnerability

2021-12-17 00:00:00

threatpost

Conti Ransomware Gang Has Full Log4Shell Attack Chain

2021-12-20 22:11:30

FTC to Go After Companies that Ignore Log4j

2022-01-05 19:00:03

The Log4j Vulnerability Puts Pressure on the Security World

2022-01-18 20:21:04

fedora

[SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34

2021-12-22 01:14:26

hackerone

U.S. Dept Of Defense: Log4Shell: RCE 0-day exploit on █████████

2021-12-16 18:32:13

MTN Group: Remote code injection in Log4j on http://mtn1app.mtncameroon.net - CVE-2021-44228

2021-12-14 03:55:04

Acronis: [forum.acronis.com] JNDI Code Injection due an outdated log4j component

2021-12-19 06:07:01

thn

NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon

2022-01-08 07:04:00

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

2022-08-27 03:23:00

Last Years Open Source - Tomorrow's Vulnerabilities

2022-11-01 12:04:00

rapid7blog

Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List

2022-01-14 14:46:41

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

2022-02-17 18:00:00

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

2021-12-14 21:05:17

cisa

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products

2022-01-14 00:00:00

mmpc

Build a stronger cybersecurity team through diversity and training

2022-01-20 17:00:00

packetstorm

UniFi Network Application Unauthenticated Log4Shell Remote Code Execution

2022-01-24 00:00:00

Apache Log4j2 2.14.1 Information Disclosure

2021-12-14 00:00:00

Log4Shell HTTP Header Injection

2022-01-12 00:00:00

zdt

UniFi Network Application Unauthenticated Log4Shell Remote Code Execution Exploit

2022-01-24 00:00:00

kitploit

NodeSecurityShield - A Developer And Security Engineer Friendly Package For Securing NodeJS Applications

2022-05-14 21:30:00

metasploit

Log4Shell HTTP Header Injection

2021-12-29 14:10:07

hivepro

Monti ransomware infiltrates networks via the well-known Log4Shell

2022-09-16 10:51:13

osv

apache-log4j2 - security update

2021-12-12 00:00:00

apache-log4j2 vulnerability

2021-12-17 12:46:46

apache-log4j2 vulnerability

2021-12-14 13:39:20

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

openvas

Fedora: Security Advisory for log4j (FEDORA-2021-66d6c484f3)

2021-12-23 00:00:00

Apache JSPWiki 2.11.0 Log4j RCE Vulnerability (Log4Shell) - Active Check

2021-12-20 00:00:00

Opencast < 9.10, 10.x < 10.6 Log4j RCE Vulnerability (GHSA-mf4f-j588-5xm8, Log4Shell)

2022-09-12 00:00:00

nvd

CVE-2021-44228

2021-12-10 10:15:09

wallarmlab

Log4j 0day mitigation update CVE-2021-44228

2021-12-10 20:56:40

freebsd

graylog -- include log4j patches

2021-12-10 00:00:00

github

Apache Log4j Remote Code Execution

2021-12-14 21:07:14

trendmicroblog

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

2021-12-13 00:00:00

redhat

(RHSA-2021:5126) Critical: Red Hat Integration Camel Extensions for Quarkus GA security update

2021-12-14 16:15:45

(RHSA-2021:5093) Critical: Red Hat build of Eclipse Vert.x 4.1.5 SP1 security update

2021-12-14 15:57:34

(RHSA-2021:5130) Critical: Red Hat Integration Camel-K 1.6.2 release and security update

2021-12-14 17:51:25

impervablog

Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions

2021-12-14 22:55:49

Analytics Are Essential for Effective Database Security

2022-01-13 15:23:02

kaspersky

KLA12390 RCE vulnerability in Apache Log4j

2021-12-10 00:00:00

KLA12392 RCE vulnerability in Microsoft Azure

2021-12-16 00:00:00

KLA12395 RCE vulnerability in Microsoft SQL Server

2021-12-16 00:00:00

akamaiblog

Threat Intelligence on Log4j CVE: Key Findings and Their Implications

2021-12-17 19:30:00

qualysblog

Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation

2021-12-28 18:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.965

Percentile

99.6%

JSON

Related for FB83113C-AABD-5893-8DDE-332B57F4FDD4