Kenna Security is now part of Cisco

|Learn more
Contact Us
Talk to an Expert
Request a demo

Zero-Day (CVE-2021-44228) Impacts Log4j Java Library

Dec 10, 2021
Gretha Loubser
Product Marketing Manager

Share with Your Network

A new vulnerability published today and is making waves in the security press. The vulnerability (CVE-2021-44228) was found in Apache Log4j—a common Java logging library—and appears to already be under active exploitation.

In a nutshell, CVE-2021-44228 give attackers an avenue for remote code execution, resulting in complete control of the affected server. Anyone using Apache Struts can be impacted, so the attack surface is unfortunately fairly large.

For more details on the vulnerability (and mitigation guidance), check out the Cisco Talos Thread Advisory for more vulnerability details and mitigation guidance.

Read the Latest Content

Threat Intelligence

18+ Threat Intel Feeds Power Modern Vulnerability Management

You need lots of feeds to cover all of the threat and vulnerability data categories and 4 or 5 feeds doesn't provide good coverage or breadth.
Data Science

Ask Us About Our Data Science

In vulnerability management, data deluge is a recurring problem, and this is where Kenna has taken a distinct approach from the get-go.
Risk-Based Vulnerability Management

What is Modern Vulnerability Management?

Modern vulnerability management is an orderly, systematic, and data-driven approach to enterprise vulnerability management.
Sign up to get the latest updates

© 2021 Kenna Security. All Rights Reserved. Privacy Policy.

Drif chat trigger