LOG4J VULNERABILITY ASSESSMENT AND MITIGATION What is Log4j? Log4j, Zero-day exploit the popular Javalogginglibrarylog4j2 was discovered that results in Remote Code Execution (RCE) by logging a certain string.Log4j2 is an open-source, Java-based logging framework commonly incorporated into Apache webservers and Spring-Boot web applications. The vulnerability has been reported with CVE-2021-44228 against the log4j-corejar.CVE-2021-44228 is considered an acritical flaw, and it has a base CVSS score of 10, the highest possible severity rating. Who is Impacted !! Too many services are vulnerable to this exploit as log4j is a wild rang used Java-based logging utility. Cloud services like Steam, Apple iCloud, and applications like Minecraft have already been found to be vulnerable. Anybody using Apache frameworks services or any Spring- Boot Java-based framework applications that uses log4j2 is likely to be vulnerable. HOW THE EXPLOIT WORKS !! The exploit works when there is a servic
This is about new technology gadget and latest news.