Updated: Wed Dec 15 14:45:00 SAST 2021 Further vulnerabilities have been discovered with certain non-default configurations, which are not mitigated by setting `log4j2.noFormatMsgLookup` to `true`. https://www.cve.org/CVERecord?id=CVE-2021-45046
You can learn how to exploit this vulnerability in a safe environment here:
You will need to create a login and then you can follow material presented. This is essentially a training site and they have provided this environment for free to allow anyone to learn more detail about this vulnerability in a more practice way.
- OpenShift 4 – OpenShift Logging [Elasticsearch]