DEV Community

nabbisen
nabbisen

Posted on • Edited on • Originally published at scqr.net

1 1

A new RCE vulnerability on Log4j 2.17.0 (CVE-2021-4483)

Log4j 2.17.1 was released because a new vulnerability on RCE (Remote Code Execution) had been found in 2.17.0. (CVE-2021-4483)

According to The Apache Software Founndation, CVSS is 6.6 and the severity is moderate.

There is the risk when an attacker has the permission to modify the logging configuration file.


This post is based on the tweet by my company.

Top comments (0)

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay