Tags RSS Feed
- INHALTE -
New Log4j Vulnerability
Fourth log4j rce Vulnerability discovered, again puts whole internet on Risk.
label security   logging   schedule 40 s.

Was erzählt man so

taking the whole internet back to the same situation
This is the third RCE and fourth vulnerability in the Log4j library
Today, the Apache security team has released another version of the Apache Log4J (version 2.17.1) fixing CVE-2021-44832, a newly discovered Remote Code Execution bug.
This is another bad situation for most of the users, but we strongly recommend everyone get their system updated to fix this critical issue.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack.

Wen betriffts?

All versions from 2.0-alpha7 to 2.17.0, excluding 2.3.2 and 2.12.4

Applications using only the log4j-API JAR file without the log4j-core JAR file are not impacted

Verfügbare Scanner

Log4j Scanner by CISA gov Log4jScanner by Google Local Log4j Vul Scanner by Hilko Bengen Full hunt Log4j Scan by Mazin Ahmed

More: https://www.cyberkendra.com/2021/12/fourth-log4j-rce-vulnerability.html

Zuletzt bearbeitet am 06.03.2023

best practice
never touch a running system
Tags RSS Feed
Hugo Theme Diary von Rise
Adaptiert von Makito's Journal.

© whatever
- INHALTE -