Outbreak Alert: Apache Log4j2 Remote Code Execution Vulnerability
| FortiRecon provides outside-in coverage for risks towards customers.
External Attack Surface Management helps customers to identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise.
Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides realistic view of impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc. | |
| CVE ID | CVE-2021-44228 |
| CVE Title | Apache Log4j2 Remote Code Execution Vulnerability |
| CVE Severity | Critical |
| ACI Reporting Coverage | 45 Reports (Darknet / OSINT/ TECHINT) |
| Additional References |
|
| EASM Scanner | Yes |
| CVE ID | CVE-2021-45046 |
| CVE Title | Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial-of-service attack |
| CVE Severity | Critical |
| ACI Reporting Coverage | 16 Reports (OSINT/ TECHINT) |
| Additional References |
|
| EASM Scanner | No |
| CVE ID | CVE-2021-45105 |
| CVE Title | Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability |
| CVE Severity | Medium |
| ACI Reporting Coverage | 7 Reports (OSINT/ TECHINT) |
| Additional References |
|
| EASM Scanner | No |
| CVE ID | CVE-2021-44832 |
| CVE Title | Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration. |
| CVE Severity | Medium |
| ACI Reporting Coverage | 3 Reports (OSINT/ TECHINT) |
| Additional References |
|
| EASM Scanner | No |