CVE-2021-44228
Confirmed PUBLISHEDApache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
Recommended Action
Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
At a Glance
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
- CVE Published
- Dec 10, 2021
- Exploitation Reported
- Dec 10, 2021
- CVSS
- 10.0 Critical
- EPSS
- 100.0%
Affected Versions
| Vendor | Product | Version | Status |
|---|---|---|---|
| Apache Software Foundation |
Apache Log4j2
|
2.0-beta9 to < log4j-core* Changed to unaffected at 2.3.1 Changed to affected at 2.4 Changed to unaffected at 2.12.2 Changed to affected at 2.13.0 Changed to unaffected at 2.15.0 |
Affected |
CVE References
- 20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021 tools.cisco.com · Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory...
- DSA-5020 debian.org · Vendor Advisory https://www.debian.org/security/2021/dsa-5020
- FEDORA-2021-f0f501d01f lists.fedoraproject.org · Vendor Advisory https://lists.fedoraproject.org/archives/list/package-announce%40list...
- Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 msrc-blog.microsoft.com · Vendor Advisory https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve...
- FEDORA-2021-66d6c484f3 lists.fedoraproject.org · Vendor Advisory https://lists.fedoraproject.org/archives/list/package-announce%40list...
Show 46 more references
- VU#930724 kb.cert.org · Third-Party Advisory https://www.kb.cert.org/vuls/id/930724
- [oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/10/1
- [oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/10/2
- [oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/10/3
- [debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update lists.debian.org · Mailing List https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html
- [oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/13/2
- [oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/13/1
- [oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/14/4
- [oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack openwall.com · Mailing List http://www.openwall.com/lists/oss-security/2021/12/15/3
- 20220314 APPLE-SA-2022-03-14-7 Xcode 13.3 seclists.org · Mailing List http://seclists.org/fulldisclosure/2022/Mar/23
- 20220721 Open-Xchange Security Advisory 2022-07-21 seclists.org · Mailing List http://seclists.org/fulldisclosure/2022/Jul/11
- 20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation seclists.org · Mailing List http://seclists.org/fulldisclosure/2022/Dec/2
- logging.apache.org/log4j/2.x/security.html logging.apache.org · CVE Record https://logging.apache.org/log4j/2.x/security.html
- security.netapp.com/advisory/ntap-20211210-0007 security.netapp.com · CVE Record https://security.netapp.com/advisory/ntap-20211210-0007/
- packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Cod... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remo...
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 psirt.global.sonicwall.com · CVE Record https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
- oracle.com/security-alerts/alert-cve-2021-44228.html oracle.com · CVE Record https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
- twitter.com/kurtseifried/status/1469345530182455296 twitter.com · CVE Record https://twitter.com/kurtseifried/status/1469345530182455296
- cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf cert-portal.siemens.com · CVE Record https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
- packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-...
- packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Cod... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remo...
- packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Informatio... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Info...
- intel.com/content/www/us/en/security-center/advisory/i... intel.com · CVE Record https://www.intel.com/content/www/us/en/security-center/advisory/inte...
- packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
- packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes....
- packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Wor... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Executi...
- packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scan...
- packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Executio... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Ex...
- cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf cert-portal.siemens.com · CVE Record https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
- packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-...
- cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf cert-portal.siemens.com · CVE Record https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
- cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf cert-portal.siemens.com · CVE Record https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
- oracle.com/security-alerts/cpujan2022.html oracle.com · CVE Record https://www.oracle.com/security-alerts/cpujan2022.html
- packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Inj...
- GitHub — cisagov/log4j-affected-db github.com · CVE Record https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LI...
- packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthent... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Una...
- packetstormsecurity.com/files/165673/UniFi-Network-Application-Unaut... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/165673/UniFi-Network-Application...
- bentley.com/en/common-vulnerability-exposure/be-2022-0001 bentley.com · CVE Record https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001
- GitHub — cisagov/log4j-affected-db github.com · CVE Record https://github.com/cisagov/log4j-affected-db
- support.apple.com/kb/HT213189 support.apple.com · CVE Record https://support.apple.com/kb/HT213189
- oracle.com/security-alerts/cpuapr2022.html oracle.com · CVE Record https://www.oracle.com/security-alerts/cpuapr2022.html
- GitHub — nu11secur1ty/CVE-mitre github.com · CVE Record https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228
- nu11secur1ty.com/2021/12/cve-2021-44228.html nu11secur1ty.com · CVE Record https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html
- packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-C... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7....
- packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Com... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remo...
- packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Cod... packetstormsecurity.com · CVE Record http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remo...
Recommended Actions
- Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
- Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
- Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
Per-source evidence links for KEV attestations are available through the KEVIntel Pro API.
Learn about Pro API access| Source | Added |
|---|---|
| CISA First | 2021-12-10 00:00 UTC |
| The Shadowserver | 2026-06-01 00:00 UTC |
| Tenable Blog | 2026-06-02 14:21 UTC |
Scanner Artifacts
Nuclei and Metasploit references linked to this CVE.
| Scanner | Reference | Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-44228.yaml | Apr 25, 2025 |
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vmware_vcenter_log4shell.rb | Apr 29, 2025 |
Virtual Patch
Compensating WAF rules to help reduce exposure to this CVE. Rule content and deployable vendor exports are available with KEVIntel Enterprise.
KEVIntel does not currently have a virtual patch for this CVE. When available, KEVIntel virtual patches ship as deployable ModSecurity, Cloudflare, and AWS WAF rules.
Enterprise feature. Virtual patch rule content and deployable vendor exports (ModSecurity, Cloudflare, AWS WAF) are available to KEVIntel Enterprise users.
CVSS Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitation Status
Exploited in the wild
Recorded 2021-12-10 00:00:00 UTC · CISA
Used in malware
Recorded 2021-12-10 00:00:00 UTC · CISA
Proof of concept available
Recorded 2021-12-09 15:27:38 UTC · GitHub
Weaknesses (CWE)
-
Improper Input Validation
-
Uncontrolled Resource Consumption
-
Deserialization of Untrusted Data
Scanner Integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vmware_vcenter_log4shell.rb | Apr 29, 2025 |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-44228.yaml | Apr 25, 2025 |
Recent Mentions
Tenable Blog · May 27, 2026
Tenable Research has developed a graph-based model linking 600+ threat groups to real-world customer exposures. It reveals which vulnerabilities sit at the intersection of severity, active exploitation, and organizational risk.Key takeawaysThe "patch everything" strategy is dead: Vulnerability prioritization based on exploitation risk offers a path forward. A directed graph model linking 600+ threat actors to vulnerabilities in 7,800 customer environments reveals that 68% of organizations carry at least one CVE previously exploited by a named adversary, and 321 tracked threat groups can reach at least one customer environment through an active vulnerability. Prevalence of "Elite Arsenal" CVEs requires immediate attention: The 242 "Elite Arsenal" CVEs — those meeting all three criteria of critical VPR (≥ 9), CISA KEV listing, and documented threat group exploitation — are nearly universally present across the studied customer base, with 241 of 242 actively detected. More than half are five or more years old, and 78% of the persistently exploited core are simultaneously weaponized by nation-state APTs, commodity malware operators, and ransomware gangs. Non-CVE exposures are universally dangerous: Non-CVE exposures, including misconfigurations, weak credentials, and end-of-life software, are present in virtually 100% of studied organizations, with 60% carrying at least one that maps to a tracked threat actor's preferred techniques. Preliminary modeling suggests these exposures may confer more breach risk than CVE-linked findings, yet no industry-standard scoring infrastructure exists to prioritize them.While the first two posts in this blog series documented the accelerating vulnerability flood and the widening remediation gap, today we answer the outstanding question: Where do these forces actually collide inside customer environments? Using a directed graph model that maps more than 600 tracked threat groups to vulnerabilities observed across 7,800 organizations,...
Potential Proof of Concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2024-07-26 19:59:47 UTC · 0 stars
CVE-2021-44228 vulnerability study
github · Created 2024-06-09 02:49:42 UTC · 2 stars
Objective: Demonstrate the exploitation of the Log4Shell vulnerability (CVE-2021-44228) within a simulated banking application environment.
github · Created 2023-11-13 16:57:22 UTC · 0 stars
Log4j Vulnerability RCE - CVE-2021-44228
github · Created 2023-10-06 04:36:31 UTC · 9 stars
Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability
github · Created 2022-03-14 04:09:36 UTC · 0 stars
github · Created 2022-02-12 11:19:41 UTC · 3 stars
Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration
github · Created 2022-01-18 19:22:38 UTC · 2 stars
POC for Infamous Log4j CVE-2021-44228
github · Created 2022-01-17 12:46:20 UTC · 0 stars
Static detection of vulnerable log4j librairies on Windows servers, members of an AD domain.
github · Created 2022-01-09 13:38:38 UTC · 5 stars
This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
github · Created 2022-01-07 09:56:30 UTC · 2 stars
Log4jshell - CVE-2021-44228
github · Created 2022-01-05 11:27:16 UTC · 13 stars
Backdoor detection for VMware view
github · Created 2021-12-24 19:26:36 UTC · 6 stars
PoC for CVE-2021-44228.
github · Created 2021-12-23 01:59:03 UTC · 7 stars
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability
github · Created 2021-12-22 03:34:40 UTC · 2 stars
Log4Shell Demo with AWS
github · Created 2021-12-20 15:39:20 UTC · 2 stars
Windows Batch Scrip to Fix the log4j-issue-CVE-2021-44228
github · Created 2021-12-17 18:45:19 UTC · 1 stars
github · Created 2021-12-17 05:14:05 UTC · 2 stars
Script - Workaround instructions to address CVE-2021-44228 in vCenter Server
github · Created 2021-12-16 21:19:17 UTC · 4 stars
Log4Shell Proof of Concept (CVE-2021-44228)
github · Created 2021-12-16 20:02:09 UTC · 0 stars
github · Created 2021-12-16 09:26:37 UTC · 4 stars
log4shell (CVE-2021-44228) scanning tool
github · Created 2021-12-16 08:46:55 UTC · 10 stars
This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
github · Created 2021-12-15 18:51:07 UTC · 1 stars
github · Created 2021-12-15 10:55:35 UTC · 8 stars
Apache Log4j Zero Day Vulnerability aka Log4Shell aka CVE-2021-44228
github · Created 2021-12-15 07:51:28 UTC · 2 stars
A one-stop repo/ information hub for all log4j vulnerability-related information.
github · Created 2021-12-15 00:55:12 UTC · 3 stars
github · Created 2021-12-14 23:33:51 UTC · 346 stars
Scanners for Jar files that may be vulnerable to CVE-2021-44228
github · Created 2021-12-14 21:32:42 UTC · 16 stars
github · Created 2021-12-14 09:33:22 UTC · 0 stars
On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it "Log4Shell" for short.
github · Created 2021-12-14 06:51:30 UTC · 3 stars
A Nuclei template for Apache Solr affected by Apache Log4J CVE-2021-44228
github · Created 2021-12-14 05:24:52 UTC · 18 stars
Log4j2 CVE-2021-44228 revshell, ofc it suck!!
github · Created 2021-12-13 21:39:39 UTC · 0 stars
Professional Service scripts to aid in the identification of affected Java applications in TeamServer
github · Created 2021-12-13 17:17:37 UTC · 2 stars
github · Created 2021-12-13 15:11:15 UTC · 0 stars
demo project to highlight how to execute the log4j (CVE-2021-44228) vulnerability
github · Created 2021-12-13 15:04:31 UTC · 6 stars
Apply class remove process from ear/war/jar/zip archive, see https://logging.apache.org/log4j/2.x/
github · Created 2021-12-13 13:30:57 UTC · 5 stars
Mass Check Vulnerable Log4j CVE-2021-44228
github · Created 2021-12-13 13:05:26 UTC · 13 stars
github · Created 2021-12-13 08:51:56 UTC · 2 stars
Simple tool for scanning entire directories for attempts of CVE-2021-44228
github · Created 2021-12-13 08:43:45 UTC · 4 stars
Log4Shell Docker Env
github · Created 2021-12-13 07:48:49 UTC · 1 stars
github · Created 2021-12-13 07:24:02 UTC · 2 stars
Log4J CVE-2021-44228 : Mitigation Cheat Sheet
github · Created 2021-12-13 03:55:32 UTC · 37 stars
OpenIOC rules to facilitate hunting for indicators of compromise
github · Created 2021-12-13 02:18:57 UTC · 20 stars
This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228).
github · Created 2021-12-12 23:37:39 UTC · 8 stars
CVE-2021-44228 (Log4Shell) Proof of Concept
github · Created 2021-12-12 21:52:53 UTC · 3 stars
Log4J (CVE-2021-44228) Exploit with Remote Command Execution (RCE)
github · Created 2021-12-12 14:27:28 UTC · 0 stars
Known IoCs for log4j framework vulnerability
github · Created 2021-12-12 13:17:18 UTC · 15 stars
IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228
github · Created 2021-12-12 11:26:42 UTC · 67 stars
Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :)
github · Created 2021-12-12 03:11:14 UTC · 2 stars
Apache Log4j2 CVE-2021-44228 RCE Demo with RMI and LDAP
github · Created 2021-12-12 02:59:54 UTC · 45 stars
github · Created 2021-12-11 21:59:19 UTC · 7 stars
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device
github · Created 2021-12-11 14:54:45 UTC · 9 stars
Public IoCs about log4j CVE-2021-44228
github · Created 2021-12-11 12:16:45 UTC · 2 stars
github · Created 2021-12-11 11:38:16 UTC · 3 stars
github · Created 2021-12-11 11:18:46 UTC · 857 stars
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
github · Created 2021-12-11 09:52:36 UTC · 2 stars
github · Created 2021-12-11 07:55:45 UTC · 4 stars
github · Created 2021-12-10 22:35:00 UTC · 938 stars
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
github · Created 2021-12-10 22:19:16 UTC · 7 stars
CVE-2021-44228 DFIR Notes
github · Created 2021-12-10 21:20:05 UTC · 0 stars
log4shell sample application (CVE-2021-44228)
github · Created 2021-12-10 18:06:06 UTC · 154 stars
Hashes for vulnerable LOG4J versions
github · Created 2021-12-10 17:24:47 UTC · 35 stars
Vulnerability CVE-2021-44228 checker
github · Created 2021-12-10 12:35:30 UTC · 4 stars
A small server for verifing if a given java program is succeptibel to CVE-2021-44228
github · Created 2021-12-10 05:23:44 UTC · 464 stars
Remote Code Injection In Log4j
github · Created 2021-12-09 15:27:38 UTC · 82 stars
Apache Log4j 远程代码执行
nuclei · Created Unknown
Timeline
Key exploitation, disclosure, scanner coverage, and KEV attestation events for this CVE.
-
14:21 UTC about 2 months ago14:21 UTC · about 2 months ago
KEV confirmed by Tenable Blog
Exploitation attested by an external source
-
00:00 UTC about 2 months ago00:00 UTC · about 2 months ago
KEV confirmed by The Shadowserver
Exploitation attested by an external source
-
10:58 UTC about 1 year ago10:58 UTC · about 1 year ago
Metasploit module available
Exploit module available
-
00:00 UTC about 1 year ago00:00 UTC · about 1 year ago
Nuclei template available
Scanner coverage available
-
00:00 UTC over 4 years ago00:00 UTC · over 4 years ago
Added to CISA KEV
Listed in the CISA Known Exploited Vulnerabilities catalog
-
00:00 UTC over 4 years ago00:00 UTC · over 4 years ago
First public exploitation report
Exploit observed in malware
-
00:00 UTC over 4 years ago00:00 UTC · over 4 years ago
CVE published
Vulnerability disclosed publicly
-
15:27 UTC over 4 years ago15:27 UTC · over 4 years ago
Public PoC available
Public proof-of-concept code published
-
00:00 UTC over 4 years ago00:00 UTC · over 4 years ago
CVE ID reserved
Identifier reserved by the CNA
Automate This Intelligence with the Pro API
Confidence scoring, exploit status, sensor telemetry, PoCs, scanner integrations, mentions, and tags are available programmatically for VM, SOC, and CTI workflows.
Pro API Example
GET /api/v2/pro/kevs/CVE-2021-44228
{
"cve_id": "CVE-2021-44228",
"title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP a...",
"affected_vendor": "Apache Software Foundation",
"affected_product": "Apache Log4j2",
"affected_versions": [
{ "vendor": "...", "product": "...", "status": "affected", "display_label": "..." }
],
"confidence": "Confirmed",
"cvss_score": 10.0,
"epss_score": 0.99999,
"exploit_status": {
"exploited_in_the_wild": true,
"active_exploitation_observed": false
},
"sensor_telemetry": { "...": "Pro API fields" },
"proof_of_concepts": [ "..." ],
"scanner_integrations": [ "..." ]
}