vulnerability
Apache Log4j Log4Shell JndiLookup class mitigation in place
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:H/Au:M/C:N/I:N/A:N) | 12/11/2021 | 01/24/2022 | 03/02/2022 |
Severity
1
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:N)
Published
12/11/2021
Added
01/24/2022
Modified
03/02/2022
Description
This detection identifies the presence of a mitigated vulnerable version of log4j-core.jar stemming from CVE-2021-44228 and CVE-2021-45046. Mitigation steps suggested by Apache involves the removal of the JndiLookup.class file from log4j-core.jar archives.
Solution
apache-log4j-core-jndilookup-mitigation-removal
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.