KLA12406
RCE vulnerability in Apache Log4j

Updated: 12/30/2021
Detect date
?
12/28/2021
Severity
?
Warning
Description

Remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code.

Affected products

Apache Log4j 2.0-beta9 before 2.3.2, 2.4.0 before 2.12.4, 2.13.0 before 2.17.1

Solution

Update to the latest version

Original advisories

Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6)

Impacts
?
ACE 
[?]
Related products
Apache Log4j
Find out the statistics of the vulnerabilities spreading in your region