Vulnerability identifier: #VU58976

Vulnerability risk: High

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2021-45046

CWE-ID: CWE-94

Exploitation vector: Network

Exploits in database: 3

• December 21, 2021
  • log4j2_vul_local_scanner (Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)) [Github]
• December 16, 2021
  • CVE-2021-45046-Info (Oh no another one) [Github]
• December 15, 2021
  • Log4j_CVE-2021-45046 (Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046) [Github]

Impact: Code execution

Vulnerable software:
Apache Log4j
Universal components / Libraries / Libraries used by multiple products

Vendor: Apache Foundation