vulnerability
Apache Log4j Log4Shell JndiLookup class mitigation in place
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:H/Au:M/C:N/I:N/A:N) | Dec 11, 2021 | Jan 24, 2022 | Mar 2, 2022 |
Severity
1
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:N)
Published
Dec 11, 2021
Added
Jan 24, 2022
Modified
Mar 2, 2022
Description
This detection identifies the presence of a mitigated vulnerable version of log4j-core.jar stemming from CVE-2021-44228 and CVE-2021-45046. Mitigation steps suggested by Apache involves the removal of the JndiLookup.class file from log4j-core.jar archives.
Solution
apache-log4j-core-jndilookup-mitigation-removal
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.