#TB211201SU – Apache Log4j Vulnerability

  • Version #TB211201SU
  • Download 103
  • File Size 100 KB
  • File Count 1
  • Create Date December 6, 2021
  • Last Updated March 14, 2022

Reference #: TB211201SU

Title: Apache Log4j Vulnerability

Date: December 16, 2021

Description:
On December 10, 2021, notice of a critical remote code vulnerability was published concerning the Apache Log4j library. Vulnerable versions include Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0. The vulnerability is specific to log4j-core and does not extend to log4net, log4cxx, or other Apache Logging Services. Bad actors may use log messages or log message parameters to execute arbitrary code on the targeted server. Salient Systems is in the process of assessing potential impact to its products. Follow the links in the following sections for more detailed information on the vulnerability.

Vulnerability ID: CVE-2021-44228

Issue Summary:
Apache Publication: Apache Log4j Remote Code Execution
CVE Details: CVE-2021-44228


Download