CVE-2021-44228: Log4j

What is this vulnerability?

Earlier today i.e. Dec 10, 2021, NIST released the details about CVE-2021-44228, a remote code execution vulnerability in Apache Log4j. Please refer to the National Vulnerability Database site for most up to date information.

Impacted Oracle products and fixes

Oracle has just now released the security alert and patch advisory. At the time of writing this post, Oracle has determined 35 products that are impacted and is still working on making the fixes/ patches available. Please refer to the below links for more and up to date information:

Oracle Critical Patch Updates and Security Alerts

Oracle Security Alert Advisory – CVE-2021-44228

Patch Availability Document

Thanks Oracle! we are all counting on you. 🙂

2 thoughts on “CVE-2021-44228: Log4j”

Oracle is already patching their cloud pods. On-Prem should do as soon as possible.

LikeLiked by 1 person

ITNoesis says:

January 8, 2022 at 8:15 pm

That is absolutely right Ben !

LikeLike

Reply

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

CVE-2021-44228: Log4j

What is this vulnerability?

Impacted Oracle products and fixes

Published by

Arun Yadav

2 thoughts on “CVE-2021-44228: Log4j”

Leave a Reply Cancel reply

What is this vulnerability?

Impacted Oracle products and fixes

Please share the article using the icons below:

Like this:

Related

Published by

Arun Yadav

2 thoughts on “CVE-2021-44228: Log4j”

Leave a Reply Cancel reply