THREATOPS
THREAT OPSCVEs › CVE-2021-45046

CVE-2021-45046 — Apache Log4j2 Deserialization of Untrusted Data Vulnerability

CISA KEVExploited: confirmedApache

Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

Vulnerability details