Time to go beyond Log4Shell and see the entire attack path

log4j

Today’s organizations are overwhelmed since the world first learned about the Log4Shell vulnerability (aka Log4J CVE-2021-44228, CVE-2021-45046). If prioritizing your vulnerabilities was a daunting task before, it is now more urgent than ever. Typically, most organizations are not prepared for such a severe risk as very few have mapped any of their machines that are […]

XM Cyber Advisory – Log4Shell, CVE-2021-44228

Log4Shell

Overview Last Thursday, December 9, the Log4Shell vulnerability, CVE-2021-44228 (CVSS score 10), was discovered. This remote code execution (RCE) vulnerability was being exploited in the wild. Log4j is a logging library, and the vulnerability affects all products and applications that use log4j. That’s a lot of products. XM Cyber Log4Shell technique The XM Cyber Research […]