VDB
BDU%3A2022-02946
BDU%3A2022-02946
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Уязвимость программы для журналирования Java-программ Log4j, связанная с небезопасным управлением привилегиями, позволяющая нарушителю выполнить произвольный код
Risk Scores
CVSS 2.0
6.800000190734863
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Software Foundation | Log4j |
Exploit Intelligence
- https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html (circl)
- https://alas.aws.amazon.com/announcements/2021-001.html (circl)
- https://nvd.nist.gov/vuln/detail/CVE-2022-0070 (circl)
- https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities (circl)
- https://github.com/corretto/hotpatch-for-apache-log4j2 (circl)
Timeline
- May 17, 2022 CVE Published
References
- https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html url
- https://alas.aws.amazon.com/announcements/2021-001.html url
- https://nvd.nist.gov/vuln/detail/CVE-2022-0070 url
- https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities url
- https://github.com/corretto/hotpatch-for-apache-log4j2 url