AmirFedida (7)

Last Login: December 12, 2021
Assessments
2
Score
7

AmirFedida's Latest (2) Contributions

Sort by:
Filter by:
3
Ratings
  • Attacker Value
    Very High
  • Exploitability
    Very High
Technical Analysis

New zero-day, aka Log4Shell or LogJam, is an unauthenticated remote code execution issue enabling full system compromise. CVE-2021-44228 analysis shows that all systems running Log4j 2.0-beta9 through 2.14.1 are vulnerable. Moreover, since the security issue impacts the default configs for most of Apache frameworks, such as Apache Struts2, Apache Solr, Apache Druid, Apache Flink, a wide range of software and web apps used by both enterprises and individual users are exposed to the attacks.

2
Ratings
Technical Analysis

Apple is aware of a report that this issue may have been actively exploited.