Apache Log4j 2.0.x Multiple Vulnerabilities (HTTP Web Root, Log4Shell) - Active Check CVE-2021-44228CVE-2021-45046
- Severity
- CVSSv3 Score
- 9
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://www.cisa.gov/known-exploited-vulnerabilities-cataloghttps://logging.apache.org/log4j/2.x/security.htmlhttps://issues.apache.org/jira/browse/LOG4J2-3198https://issues.apache.org/jira/browse/LOG4J2-3201https://github.com/apache/logging-log4j2/pull/607https://github.com/apache/logging-log4j2/pull/608https://github.com/advisories/GHSA-jfh8-c2jp-5v3qhttps://www.openwall.com/lists/oss-security/2021/12/10/1https://www.lunasec.io/docs/blog/log4j-zero-day/https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/https://www.cyberkendra.com/2021/12/worst-log4j-rce-zeroday-dropped-on.htmlhttps://github.com/YfryTchsGD/Log4jAttackSurfacehttp://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.htmlhttps://github.com/tangxiaofeng7/apache-log4j-pochttps://github.com/0x0021h/apache-log4j-rcehttps://securitylab.github.com/advisories/GHSL-2021-1054_GHSL-2021-1055_log4j2/
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- OpenVAS
- Exploitable with Sniper
- No
- CVE Published
- Dec 10, 2021
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.