THREAT OPS › CVEs › CVE-2021-45046
CVE-2021-45046 — Apache Log4j2 Deserialization of Untrusted Data Vulnerability
Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
Vulnerability details
- Affected productsLog4j2
- KEV remediation due2023-05-22