#TB211201SU – Apache Log4j Vulnerability

Reference #: TB211201SU

Title: Apache Log4j Vulnerability

Date: December 16, 2021

On December 10, 2021, notice of a critical remote code vulnerability was published concerning the Apache Log4j library. Vulnerable versions include Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0. The vulnerability is specific to log4j-core and does not extend to log4net, log4cxx, or other Apache Logging Services. Bad actors may use log messages or log message parameters to execute arbitrary code on the targeted server. Salient Systems is in the process of assessing potential impact to its products. Follow the links in the following sections for more detailed information on the vulnerability.

Vulnerability ID: CVE-2021-44228

Issue Summary:
Apache Publication: Apache Log4j Remote Code Execution
CVE Details: CVE-2021-44228

Learn more by clicking the link below or downloading.

Leave a comment