CISA warns 'most serious' #Log4j vulnerability likely to affect hundreds of millions of devices
Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library βis one of the most serious Iβve seen in my entire career, if not the most serious.β
βWe expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,β she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device.
https://www.cyberscoop.com/log4j-cisa-easterly-most-serious/
Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library βis one of the most serious Iβve seen in my entire career, if not the most serious.β
βWe expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,β she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device.
https://www.cyberscoop.com/log4j-cisa-easterly-most-serious/
#Log4j
https://github.com/jas502n/Log4j2-CVE-2021-44228
https://github.com/hillu/local-log4j-vuln-scanner
https://github.com/huntresslabs/log4shell-tester
https://github.com/kozmer/log4j-shell-poc
https://github.com/cisagov/log4j-affected-db
https://github.com/logpresso/CVE-2021-44228-Scanner
https://github.com/tangxiaofeng7/BurpLog4j2Scan
https://github.com/corretto/hotpatch-for-apache-log4j2
https://github.com/silentsignal/burp-log4shell
https://github.com/jas502n/Log4j2-CVE-2021-44228
https://github.com/hillu/local-log4j-vuln-scanner
https://github.com/huntresslabs/log4shell-tester
https://github.com/kozmer/log4j-shell-poc
https://github.com/cisagov/log4j-affected-db
https://github.com/logpresso/CVE-2021-44228-Scanner
https://github.com/tangxiaofeng7/BurpLog4j2Scan
https://github.com/corretto/hotpatch-for-apache-log4j2
https://github.com/silentsignal/burp-log4shell
GitHub
GitHub - jas502n/Log4j2-CVE-2021-44228: Remote Code Injection In Log4j
Remote Code Injection In Log4j. Contribute to jas502n/Log4j2-CVE-2021-44228 development by creating an account on GitHub.