THREAT OPS › CVEs › CVE-2021-44228
CVE-2021-44228 — Apache Log4j2 Remote Code Execution Vulnerability
Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
Vulnerability details
- Affected productsLog4j2
- KEV remediation due2021-12-24