Back Icon Back

cloud destinations

Ragavan


Date

Dec 2021


Topics

  • Log4j
  • Logging Library Vulnerability
  • Cybersecurity,
  • RCE Vulnerability

Share

8 Min Read

The Cyber Security Catastrophe of the Year’21 Log4j Logging Library Vulnerability

The Log4Shell exploit gives attackers a simple way to execute code on any vulnerable machine. CVE-2021-45046, second version of vulnerability emerges from the incomplete patch to the CVE-2021-44228 that leads attackers to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack. CVE-2021-45046, rated 9.0 (critical) on the CVSS scale.

CVE-2021-45105, third version of vulnerability emerges when the attacker’s control over Thread Context Map (MDC) input data which can craft malicious input data that contains a recursive lookup and can cause Denial of Service.CVE-2021-45105, rated 7.5 (high) on the CVSS scale.

CVE-2021-4104, fourth version of vulnerability emerges when the attacker has write access to the Log4j configuration using JMSAppender which is vulnerable to deserialization of untrusted data.CVE-2021-4104, rated 8.1 (high) on the CVSS scale.

CD Bytes! As a trusted Qualys partner Cloud Destinations helps organizations in quick detection and remediation of log4j vulnerabilities with its advanced out-of-band detection mechanisms. Qualys is also continuously updating their platform to make accurate detections of applications vulnerable to log4shell. For more information & engagement please refer https://clouddestinations.com and write to info@clouddestinations.com

Back Icon Back Blogs


Related Posts

cloud destinations partners

United States

2603 Camino Ramon, Bishop Ranch 3, Suite 200, San Ramon, CA 94583, USA

cloud destinations partners

Canada

9850 King George Blvd, 2nd-5th Floor, Surrey, British Columbia, V3T 4Y3, Canada

cloud destinations partners

Malaysia

833A/ 3, Level 28, The Gardens South Tower, Mid Valley City, Lingkaran Syed Putra, 59200, Kuala Lumpur, Malaysia

cloud destinations partners

Coimbatore

Block A2, First Floor, Span Ventures SEZ, Rathinam Tech Zone, Pollachi Main Road, Eachanari, Coimbatore – 641021

cloud destinations partners

Chennai

WorkEZ Urban Square, Kandanchavadi, OMR, Kottivakkam, Rajiv Gandhi Salai, Chennai – 600041

Thank you for visiting our website! We use cookies to enhance your experience. These cookies help us remember your preferences, display relevant information, and ensure smooth functionality. By clicking “Accept,” you consent to our use of cookies. For more details, please see our Privacy Policy.