Sign up to save your podcasts
Or
Share Assessment and Advice: ENISA Update on Log4j Vulnerability
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Assessment and Advice: ENISA Update on Log4j Vulnerability
On December 9th, information about a critical unauthenticated Remote Code Execution (RCE) vulnerability (CVE-2021-
44228) that is affecting the well-known Java logging package Log4j used by many popular applications and web services was tweeted along with a proof-of-concept (PoC) posted on GitHub. This vulnerability could allow the attacker full control of the affected server if a user-controlled string is logged. Since it is easy to be exploited, the impact of this vulnerability is quite severe. This ENISA overview and updated CERT-EU security advisory may be beneficial for cybersecurity, information governance, and legal discovery professionals in the eDiscovery ecosystem facing the challenge of this vulnerability.
The post Assessment and Advice: ENISA Update on Log4j Vulnerability appeared first on ComplexDiscovery.
View all episodes
By ComplexDiscovery Blog
5
11 ratings
On December 9th, information about a critical unauthenticated Remote Code Execution (RCE) vulnerability (CVE-2021-
44228) that is affecting the well-known Java logging package Log4j used by many popular applications and web services was tweeted along with a proof-of-concept (PoC) posted on GitHub. This vulnerability could allow the attacker full control of the affected server if a user-controlled string is logged. Since it is easy to be exploited, the impact of this vulnerability is quite severe. This ENISA overview and updated CERT-EU security advisory may be beneficial for cybersecurity, information governance, and legal discovery professionals in the eDiscovery ecosystem facing the challenge of this vulnerability.
The post Assessment and Advice: ENISA Update on Log4j Vulnerability appeared first on ComplexDiscovery.