CVE-2021-44228 Log4j Security Vulnerability

Updated: Wed Dec 15 14:45:00 SAST 2021

Further vulnerabilities have been discovered with certain non-default configurations, which are not mitigated by setting `log4j2.noFormatMsgLookup` to `true`.

https://www.cve.org/CVERecord?id=CVE-2021-45046

Links

You can learn how to exploit this vulnerability in a safe environment here:

https://tryhackme.com/room/solar

You will need to create a login and then you can follow material presented. This is essentially a training site and they have provided this environment for free to allow anyone to learn more detail about this vulnerability in a more practice way.

Mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

Vendor Links: