Answering Log4Shell-related questions

Important notice


On December 18th, Log4j version 2.17.0 was released to address open vulnerabilities. It is highly recommended to update your systems as soon as possible.


History of the Log4j library vulnerabilities


CVE-2021-44228 (initial vulnerability) – partly fixed in 2.15.0
CVE-2021-45046 (present in Log4j 2.15.0) – fixed in 2.16.0
CVE-2021-45105 (present in Log4j 2.16.0) – fixed in 2.17.0
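As an added example (not part of the original article), this Python triage applies the fix versions listed above to an inventory of `log4j-core` jar names and reports which of the three CVEs remain open for each. The function names and sample paths are constructed for illustration. It assumes every 2.x release below a CVE's fix version is affected and does not model backport branches.

```python
import re

# (CVE, first fixed release) exactly as listed in the history above.
# The trailing 1 marks a final release; see parse_version().
FIXED_IN = [
    ("CVE-2021-44228", (2, 15, 0, 1)),  # the page calls this fix partial
    ("CVE-2021-45046", (2, 16, 0, 1)),
    ("CVE-2021-45105", (2, 17, 0, 1)),
]

# Only log4j-core is matched; log4j-api and Log4j 1.x jars are skipped.
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?(-[A-Za-z0-9.]+)?\.jar$")

def parse_version(path):
    """Return (major, minor, patch, is_release) for a log4j-core jar, else None."""
    m = JAR_RE.search(path)
    if not m:
        return None
    major, minor, patch, suffix = m.groups()
    # Assumption: any suffix (-beta9, -rc1, ...) sorts below the final
    # release, so a release candidate of a fixed version is still flagged.
    return (int(major), int(minor), int(patch or 0), 0 if suffix else 1)

def open_cves(version):
    """CVEs from the list above whose fix version is newer than `version`."""
    return [cve for cve, fixed in FIXED_IN if version < fixed]

def triage(paths):
    """Map each log4j-core jar path to the CVEs it is still exposed to."""
    report = {}
    for path in paths:
        version = parse_version(path)
        if version is not None:
            report[path] = open_cves(version)
    return report

# Constructed sample inventory, e.g. the output of a file-system search.
SAMPLE_JARS = [
    "app/lib/log4j-core-2.14.1.jar",
    "svc/BOOT-INF/lib/log4j-core-2.15.0.jar",
    "batch/lib/log4j-core-2.16.0.jar",
    "web/lib/log4j-core-2.17.0.jar",
    "old/lib/log4j-core-2.0-beta9.jar",
    "web/lib/log4j-api-2.14.1.jar",
]

if __name__ == "__main__":
    for jar, cves in triage(SAMPLE_JARS).items():
        print(jar, "->", ", ".join(cves) if cves else "no CVE from the list open")
```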

The summary of the Log4Shell situation


On December 9th, a Chinese researcher posted his now monumental discovery on Twitter: there was a Remote Code Execution vulnerability in the popular Apache Log4j library. This library is used in millions of commercial and open-source applications. Ranked a 10/10 in terms of severity, CVE-2021-44228, or Log4Shell, is capable of giving attackers full control over the targeted systems.


The exploit takes advantage of Apache’s Java Naming and Directory Interface (JNDI), which provides programmers with a way to easily process remote commands and remote objects by calling external objects. However, with Log4Shell, attackers can inject their own code into the JNDI lookup command – code that will then be executed on the targeted system.


How an attack is carried out with the Log4Shell vulnerability


Attackers have been seen using the vulnerability in numerous ways, one of which is to execute XMRig, an infamous cryptominer. Another is to execute the Kinsing malware – ..
