DEV Community ๐Ÿ‘ฉโ€๐Ÿ’ป๐Ÿ‘จโ€๐Ÿ’ป

nabbisen
nabbisen

Posted on • Updated on • Originally published at scqr.net

A new RCE vulnerability on Log4j 2.17.0 (CVE-2021-4483)

Log4j 2.17.1 was released because a new vulnerability on RCE (Remote Code Execution) had been found in 2.17.0. (CVE-2021-4483)

According to The Apache Software Founndation, CVSS is 6.6 and the severity is moderate.

There is the risk when an attacker has the permission to modify the logging configuration file.


This post is based on the tweet by my company.

Top comments (0)

Create an Account! The only reason people scroll to the bottom... ย 
is because they want to read more.

Create an account to bookmark, comment, and react to articles that interest you.