Thứ Ba, Tháng Tám 9, 2022
  • Home
  • Health
  • News
  • Software
  • Tech
  • Travel
  • Gen Z
NATuts
  • Home
  • Health
  • News
  • Software
  • Tech
  • Travel
  • Gen Z
No Result
View All Result
NATuts
  • Home
  • Health
  • News
  • Software
  • Tech
  • Travel
  • Gen Z
No Result
View All Result
NATuts
No Result
View All Result
Home Tech

How dangerous is the Log4j vulnerability?

12 Tháng Mười Hai, 2021
in Tech
0
How dangerous is the Log4j vulnerability?
602
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Các bài viết liên quan:

Download 3DVista Virtual Tour 2019

Download 3DVista Virtual Tour 2019

8 Tháng Tám, 2022
Nha Trang Stone Bridge Port

Nha Trang Stone Bridge Port

8 Tháng Tám, 2022
Taiwan is about to rehearse the anti-occupation of the island

Taiwan is about to rehearse the anti-occupation of the island

8 Tháng Tám, 2022
Instructions for using SMS OTP V3 spam tool

Instructions for using SMS OTP V3 spam tool

8 Tháng Tám, 2022
How to Do Venmo Identity Verification [2022 Guide]

How to Do Venmo Identity Verification [2022 Guide]

8 Tháng Tám, 2022
Meta disrupts cyber espionage in South Asia Facebook abuse

Meta disrupts cyber espionage in South Asia Facebook abuse

8 Tháng Tám, 2022

On December 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified and identified with the code CVE-2021-44228. Public Proof of Mining (PoC) has been released and shows that mining is extremely easy to do. By sending a malicious request to a system vulnerable to Log4j an attacker can manipulate that system to download and then execute malicious code. Since this exploit has only been discovered recently, there are still many servers, whether physical or Cloud environments, that have yet to be patched. Like many high-severity RCE exploits, so far a large-scale hacker scan has begun on the internet with the aim of finding and exploiting unpatched systems. To fix the vulnerability from Log4j, you need to upgrade to the latest version of Apache log4j 2 (2.15.0-rc2) for all systems.

sorry log4j

Log4j is a Java library and although the programming language is less popular with consumers these days, it is still very widely used in enterprise systems and web applications.

Currently, almost all Java applications use the Log4j library. Log4j is developed by the Apache Foundation and is widely used by both enterprise applications and cloud services.

Web applications and products from Apple, Amazon, Cloudflare, Twitter, and Steam are all vulnerable to RCE attacks that target this vulnerability.

Apache Log4j version affected

Apache Log4j 2.x <= 2.15.0-rc1

Affected software

Apache log4j 2 is an open source Java-based logging module, used in many Java applications around the world. Compared to the initial log4j 1.X release, log4j 2 resolved the issues with the previous release and provided a plugin architecture for users. On August 5, 2015, log4j 2 became major release and all users of previous log4j versions are recommended to upgrade to log4j 2. Apache log4j 2 is widely used in many popular software applications , such as Apache Struts, ElasticSearch, Redis, Kafka and others.

A significant number of Java based applications are using log4j as a logging utility and are very vulnerable to this CVE attack. Statistically, at least the following software may be affected:

  • Apache Struts
  • Apache Solr
  • Apache Druid
  • Apache Flink
  • ElasticSearch
  • Flume
  • Apache Dubbo
  • Logstash
  • Kafka
  • Spring-Boot-starter-log4j2

List of companies whose products are affected

You can click on each company name to see an image of the evidence of the Log4j . bug

Currently, there are some github pages sharing PoC, how to exploit Log4j vulnerability – CVE-2021-44228, if you want to research, you can find here

Previous Post

Download the latest TechSmith Camtasia Full, Detailed Installation Instructions

Next Post

Download Retouch Pro Panel 2

Admin Natuts

Admin Natuts

Related Posts

Instructions for using SMS OTP V3 spam tool

Instructions for using SMS OTP V3 spam tool

8 Tháng Tám, 2022
How to Do Venmo Identity Verification [2022 Guide]

How to Do Venmo Identity Verification [2022 Guide]

8 Tháng Tám, 2022
Meta disrupts cyber espionage in South Asia Facebook abuse

Meta disrupts cyber espionage in South Asia Facebook abuse

8 Tháng Tám, 2022
Instructions to install Outline VPN on Ubuntu

Instructions to install Outline VPN on Ubuntu

7 Tháng Tám, 2022
What is Conhost.exe and why is it running on my computer

What is Conhost.exe and why is it running on my computer

7 Tháng Tám, 2022
How to make the background transparent in Canva

How to make the background transparent in Canva

7 Tháng Tám, 2022
Load More
Next Post
Download Retouch Pro Panel 2

Download Retouch Pro Panel 2

Trả lời Hủy

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *

Bài viết mới

Download 3DVista Virtual Tour 2019
Software

Download 3DVista Virtual Tour 2019

8 Tháng Tám, 2022
Nha Trang Stone Bridge Port
Travel

Nha Trang Stone Bridge Port

8 Tháng Tám, 2022
Taiwan is about to rehearse the anti-occupation of the island
News

Taiwan is about to rehearse the anti-occupation of the island

8 Tháng Tám, 2022
Instructions for using SMS OTP V3 spam tool
Tech

Instructions for using SMS OTP V3 spam tool

8 Tháng Tám, 2022
How to Do Venmo Identity Verification [2022 Guide]
Tech

How to Do Venmo Identity Verification [2022 Guide]

8 Tháng Tám, 2022
Meta disrupts cyber espionage in South Asia Facebook abuse
Tech

Meta disrupts cyber espionage in South Asia Facebook abuse

8 Tháng Tám, 2022
W3Schools

Ads

Contact: [email protected]

DMCA.com Protection Status

Categories

  • Android
  • Cạm bẫy tâm lí
  • Chưa được phân loại
  • Đồ họa
  • Đời sống
  • Gen Z
  • Health
  • iOS
  • Kĩ năng mềm
  • News
  • Nhà mạng
  • Phần mềm
  • Phần mềm đồ họa
  • Review sách
  • Software
  • Tech
  • Thiết kế ảnh
  • Thiết kế video
  • Thủ thuật
  • Travel
  • Văn hóa Nam Bộ
  • Văn học
  • Window

Browse by Tag

ai là triệu phú android Apple browser Bullet Journal bản thân Chỉnh ảnh data domain download du lịch fshare game game show hosting HÌNH XĂM IKEA ios khuyến mãi kinh doanh kiến thức kiểm tra pin lừa đảo messenger miễn phí mua sắm Máy ảnh mạng mồi tiềm thức network nghệ thuật nhà Trần quảng cáo review tháp phân tầng xã hội tiếng anh tiện ích Trần Thủ Độ tên miền từ vựng viettel word xã hội Đơn giản đánh bạc

Recent News

Download 3DVista Virtual Tour 2019

Download 3DVista Virtual Tour 2019

8 Tháng Tám, 2022
Nha Trang Stone Bridge Port

Nha Trang Stone Bridge Port

8 Tháng Tám, 2022

Trang tin nóng hổi - vừa thổi vừa xem

No Result
View All Result
  • Home
  • Health
  • News
  • Software
  • Tech
  • Travel
  • Gen Z

Trang tin nóng hổi - vừa thổi vừa xem