Zero-Day (CVE-2021-44228) Impacts Log4j Java Library
Dec 10, 2021
Share with Your Network
A new vulnerability published today and is making waves in the security press. The vulnerability (CVE-2021-44228) was found in Apache Log4j—a common Java logging library—and appears to already be under active exploitation.
In a nutshell, CVE-2021-44228 give attackers an avenue for remote code execution, resulting in complete control of the affected server. Anyone using Apache Struts can be impacted, so the attack surface is unfortunately fairly large.
For more details on the vulnerability (and mitigation guidance), check out the Cisco Talos Thread Advisory for more vulnerability details and mitigation guidance.
Read the Latest Content
Threat Intelligence
18+ Threat Intel Feeds Power Modern Vulnerability Management
You need lots of threat intelligence feeds to cover all of the threat and vulnerability data categories in the world. Learn about the threat intel feeds...
READ MORE
Data Science
Ask Us About Our Data Science
In vulnerability management, data deluge is a recurring problem. Learn what data science is and how it can help your company.
READ MORE
Risk-Based Vulnerability Management
What is Modern Vulnerability Management?
Modern vulnerability management is an orderly, systematic, and data-driven approach to enterprise vulnerability management.
READ MORE