Zero-Day (CVE-2021-44228) Impacts Log4j Java Library

Dec 10, 2021
Gretha Loubser
Product Marketing Manager

Share with Your Network

A new vulnerability published today and is making waves in the security press. The vulnerability (CVE-2021-44228) was found in Apache Log4j—a common Java logging library—and appears to already be under active exploitation.

In a nutshell, CVE-2021-44228 give attackers an avenue for remote code execution, resulting in complete control of the affected server. Anyone using Apache Struts can be impacted, so the attack surface is unfortunately fairly large.

For more details on the vulnerability (and mitigation guidance), check out the Cisco Talos Thread Advisory for more vulnerability details and mitigation guidance.

Read the Latest Content

Threat Intelligence

18+ Threat Intel Feeds Power Modern Vulnerability Management

You need lots of threat intelligence feeds to cover all of the threat and vulnerability data categories in the world. Learn about the threat intel feeds...
Data Science

Ask Us About Our Data Science

In vulnerability management, data deluge is a recurring problem. Learn what data science is and how it can help your company.
Risk-Based Vulnerability Management

What is Modern Vulnerability Management?

Modern vulnerability management is an orderly, systematic, and data-driven approach to enterprise vulnerability management.

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.