|
|
|||
| Rule General Information |
|---|
| Release Date: | 2026-05-06 | |
| Rule Name: | Log4j2 JNDI Injection Vulnerability (CVE-2021-44228) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Apache Log4j is a Java-based open-source logging tool developed by the Apache Software Foundation of the United States. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | |
| Impact: | Successful exploitation allows an attacker to execute arbitrary code on the target server with the privileges of the vulnerable application, leading to complete system compromise, data theft, and further lateral movement in the network. This is one of the most critical vulnerabilities in recent years due to its widespread use in Java applications. | |
| Affected OS: | Linux, Windows, Others | |
| Reference: | CVE-2021-44228 |
|
| Solutions |
|---|
| Please refer to announcements or patches release by the vendor: https://logging.apache.org/security.html |