CMOD.wiki

Difference between revisions of "Apache Log4j & CMOD ODWEK ICN"

Apache Log4j & CMOD ODWEK ICN (view source)

Revision as of 21:24, 11 December 2021

219 bytes added ,  21:24, 11 December 2021
m
Added link to X-Force threat assessment.
(Updates to reflect exploitability of log4j v1.x, and added links to LinkedIn and ODUG)
m (Added link to X-Force threat assessment.)
Line 11: Line 11:
Here are some announcements from trusted sources of information on software vulnerabilities:
Here are some announcements from trusted sources of information on software vulnerabilities:


https://logging.apache.org/log4j/2.x/security.html
[https://exchange.xforce.ibmcloud.com/collection/Apache-Log4j-Zero-Day-Vulnerability-4daa3df4f73a51590efced7fb90bc949 IBM's X-Force assessment of log4j bug]


https://cve.circl.lu/cve/CVE-2021-44228
[https://logging.apache.org/log4j/2.x/security.html Announcement of the issue on the developer website]


https://nvd.nist.gov/vuln/detail/CVE-2021-44228
[https://nvd.nist.gov/vuln/detail/CVE-2021-44228 National Institute of Standards and Technology]


[https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 Discussion of log4j v1.x susceptibility to this exploit on GitHub]
[https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 Discussion of log4j v1.x susceptibility to this exploit on GitHub]
Retrieved from "https://CMOD.wiki/index.php?title=Special:MobileDiff/1032"