vulnerability
Apache Log4j Log4Shell JndiLookup class mitigation in place
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:H/Au:M/C:N/I:N/A:N) | 2021-12-11 | 2022-01-24 | 2022-03-02 |
Severity
1
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:N)
Published
2021-12-11
Added
2022-01-24
Modified
2022-03-02
Description
This detection identifies the presence of a mitigated vulnerable version of log4j-core.jar stemming from CVE-2021-44228 and CVE-2021-45046. Mitigation steps suggested by Apache involves the removal of the JndiLookup.class file from log4j-core.jar archives.
Solution
apache-log4j-core-jndilookup-mitigation-removal
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.