30
/es/
AIzaSyAYiBZKx7MnpbEhh9jyipgxe19OcubqV5w
June 15, 2024
6278694
596948
2
Public Timelines FAQ
Public TimelinesFAQ
Public TimelinesFAQ
For educational institutions For teachers For students Open cabinet
For educational institutions For teachers For students Open cabinet
Crear
Create a timeline
Public timelines
Library
FAQ

28 dic 2021 año - CVE-2021-44832 CVSSv3: N/A Log4j 2.17.0 now vuln to RCE PATCH to v2.17.1

Descripción:

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.

Añadido al timeline:

timeline log4j - log4shell

ByManuel -
30 dic 2021
1
0
2215

fecha:

28 dic 2021 año
Ahora mismo
~ 2 years and 5 months ago
About & FeedbackAcuerdoPrivacidadBiblioteca
2024 © Time.Graphics
Support 24/7  
CabinetGet premium
Donate
The service accepts bank transfer (ACH, Wire) or cards (Visa, MasterCard, etc). Processed by Stripe.
Secured with SSL
Excellent (Trustpilot Reviews)
Based on 115+ reviews