RedLegg CTI

2 min read

Critical Vulnerability Bulletin Update for Log4J

https://www.redlegg.com/hubfs/Theme-2024/overlay-red.png featured image

TABLE OF CONTENTS

By: RedLegg Blog

LOG4J Remote Code Execution Vulnerability (Update)

Identifier: CVE-2021-44228 and CVE-2021-45046

Exploit or POC: YES.

Update:

https://nvd.nist.gov/vuln/detail/CVE-2021-44228https://nvd.nist.gov/vuln/detail/CVE-2021-45046 (Updated reference)

https://nvd.nist.gov/vuln/detail/CVE-2021-45046

Description: CVE-2021-44228 allows an attacker to remotely execute code on the widely used logging library (Log4j). Log4J, between versions 2.0 and 2.15.0 are all affected by CVE-2021-44228 . https://nvd.nist.gov/vuln/detail/CVE-2021-45046

Mitigation recommendation: The only current mitigation is patching LOG4J to version 2.16.0. NIST has determined previous mitigation methods were incomplete and are undergoing additional analysis.

Similar Blogs

Hands around a Ouija board
Threat Intelligence RedLegg CTI

Summoning Cyber Awareness: Exorcising the Malevolent Realm...

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity &...

Read More
96 Bravo Critical Security Bulletin
RedLegg CTI

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however,...

Read More
Emergency Security Bulletin | RedLegg | 96Bravo
Threat Intelligence RedLegg CTI

Emergency Security Bulletin - Citrix ADC and Citrix Gateway

About: RedLegg will occasionally communicate vulnerabilities released outside the usual release...

Read More
Connect with Us
(312) 757-4941
Contact Us
©2024, RedLegg | Privacy Policy