Name | log4j_rce |
CVE | CVE-2021-44228 |
Exploit Pack | CANVAS |
Description | log4j_rce |
Notes | CVE Name: CVE-2021-44228 VENDOR: Apache Tested on: ['Ubuntu Linux 20.04.3 Java 8u231/Apache Log4j 2.14.1', 'Ubuntu Linux 20.04.3 Java 8u071/Apache Log4j 2.14.1'] NOTES: This exploit will work on Jdk < 11.0.1, 8u191, 7u201 and 6u211. In later versions, the target should have the 'com.sun.jndi.ldap.object.trustURLCodebase' property set to 'true'. VersionsAffected: 2.0-beta9 to 2.15.0 Repeatability: Infinity References: https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/ Date public: 12/09/2021 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 CVSS: 10.0 |
Learn more about the CANVAS Exploit Pack here: CANVAS |