| Name | log4j_rce |
| CVE | CVE-2021-44228 |
| Exploit Pack | CANVAS |
| Description | log4j_rce |
| Notes | CVE Name: CVE-2021-44228 VENDOR: Apache Tested on: ['Ubuntu Linux 20.04.3 Java 8u231/Apache Log4j 2.14.1', 'Ubuntu Linux 20.04.3 Java 8u071/Apache Log4j 2.14.1'] NOTES: This exploit will work on Jdk < 11.0.1, 8u191, 7u201 and 6u211. In later versions, the target should have the 'com.sun.jndi.ldap.object.trustURLCodebase' property set to 'true'. VersionsAffected: 2.0-beta9 to 2.15.0 Repeatability: Infinity References: https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/ Date public: 12/09/2021 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 CVSS: 10.0 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |