{"cve":{"cve_id":"CVE-2021-44228","is_kev":true,"kev_date_added":"2021-12-10","kev_vendor_project":"Apache","kev_product":"Log4j2","kev_vulnerability_name":"Apache Log4j2 Remote Code Execution Vulnerability","kev_short_description":"Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.","kev_required_action":"For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.","kev_due_date":"2021-12-24","kev_known_ransomware":true,"kev_notes":"https://nvd.nist.gov/vuln/detail/CVE-2021-44228","kev_cwes":["CWE-20","CWE-400","CWE-502"],"epss_score":0.99999,"epss_percentile":1.0,"epss_as_of":"2026-06-23","description":"Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.","published_at":"2021-12-10T00:00:00Z","last_modified_at":null,"cvss_v3_score":10.0,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-502","CWE-400","CWE-20"],"nvd_references":["https://logging.apache.org/log4j/2.x/security.html","http://www.openwall.com/lists/oss-security/2021/12/10/1","http://www.openwall.com/lists/oss-security/2021/12/10/2","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","http://www.openwall.com/lists/oss-security/2021/12/10/3","https://security.netapp.com/advisory/ntap-20211210-0007/","http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032","https://www.oracle.com/security-alerts/alert-cve-2021-44228.html","https://www.debian.org/security/2021/dsa-5020","https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/","https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/","http://www.openwall.com/lists/oss-security/2021/12/13/2","http://www.openwall.com/lists/oss-security/2021/12/13/1","http://www.openwall.com/lists/oss-security/2021/12/14/4","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","https://www.kb.cert.org/vuls/id/930724","https://twitter.com/kurtseifried/status/1469345530182455296","https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf","http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html","http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html","http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","http://www.openwall.com/lists/oss-security/2021/12/15/3","http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html","http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html","http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html","http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html","http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html","https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/","http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html","https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf","https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf","https://www.oracle.com/security-alerts/cpujan2022.html","http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html","https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md","http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html","http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2022/Mar/23","https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001","https://github.com/cisagov/log4j-affected-db","https://support.apple.com/kb/HT213189","https://www.oracle.com/security-alerts/cpuapr2022.html","https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228","https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html","http://seclists.org/fulldisclosure/2022/Jul/11","http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html","http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html","http://seclists.org/fulldisclosure/2022/Dec/2","http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"],"vuln_status":null,"trending_score":0.6099982,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T02:30:27.550645Z"},"effective_severity":"CRITICAL","badges":["kev","ransomware","poc","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-log4j2","product_name":"Apache Log4j2","version_start":"2.0-beta9","version_start_inclusive":true,"version_end":"log4j-core*","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-log4j2:2.0-beta9:log4j-core*"}],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml","title":"VMware vRealize Operations Tenant - JNDI Remote Code Execution (Apache Log4j)","author":"bughuntersurya","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-vcenter-log4j-rce.yaml","title":"VMware VCenter - Remote Code Execution (Apache Log4j)","author":"_0xf4n9x_","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-operation-manager-log4j-rce.yaml","title":"VMware Operations Manager - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-nsx-log4j-rce.yaml","title":"VMware NSX - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-horizon-log4j-rce.yaml","title":"VMware Horizon - JNDI Remote Code Execution (Apache Log4j)","author":"johnk3r","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-hcx-log4j-rce.yaml","title":"VMware HCX - Remote Code Execution (Apache Log4j)","author":"pussycat0x,DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/springboot/springboot-log4j-rce.yaml","title":"Spring Boot - Remote Code Execution (Apache Log4j)","author":"pdteam","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/xenmobile-server-log4j-rce.yaml","title":"Citrix XenMobile Server - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml","title":"VMware Site Recovery Manager - Remote Code Execution (Apache Log4j)","author":"akincibor","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/unifi-network-log4j-rce.yaml","title":"UniFi Network Application - Remote Code Execution (Apache Log4j)","author":"KrE80r","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/symantec-sepm-log4j-rce.yaml","title":"Symantec SEPM - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/splunk-enterprise-log4j-rce.yaml","title":"Splunk Enterprise - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/sonicwall-nsm-log4j-rce.yaml","title":"Sonicwall NSM - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/seeyon-oa-log4j-rce.yaml","title":"Seeyon OA (Log4j) - Remote Code Execution","author":"SleepingBag945","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/rundeck-log4j-rce.yaml","title":"Rundeck - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/pega-log4j-rce.yaml","title":"Pega - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/papercut-log4j-rce.yaml","title":"Papercut - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/openshift-log4j-rce.yaml","title":"OpenShift - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/opennms-log4j-rce.yaml","title":"OpenNMS - JNDI Remote Code Execution (Apache Log4j)","author":"johnk3r","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/okta-log4j-rce.yaml","title":"Okta - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/metabase-log4j-rce.yaml","title":"Metabase - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/manage-engine-dc-log4j-rce.yaml","title":"Manage Engine Desktop Central - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/logstash-log4j-rce.yaml","title":"Logstash - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/jitsi-meet-log4j-rce.yaml","title":"Jitsi Meet - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/graylog-log4j-rce.yaml","title":"Graylog (Log4j) - Remote Code Execution","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml","title":"GoAnywhere Managed File Transfer - Remote Code Execution (Apache Log4j)","author":"pussycat0x","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/fortiportal-log4j-rce.yaml","title":"FortiPortal - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/f-secure-policymanager-log4j-rce.yaml","title":"F-Secure Policy Manager - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/elasticsearch5-log4j-rce.yaml","title":"Elasticsearch 5 - Remote Code Execution (Apache Log4j)","author":"akincibor","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/citrix-xenapp-log4j-rce.yaml","title":"Citrix XenApp - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/mobileiron/mobileiron-log4j-rce.yaml","title":"Ivanti MobileIron (Log4j) - Remote Code Execution","author":"meme-lord","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/jamf/jamf-log4j-rce.yaml","title":"JamF (Log4j) - Remote Code Execution","author":"pdteam","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/code42/code42-log4j-rce.yaml","title":"Apache Code42 - Remote Code Execution (Apache Log4j)","author":"Adam Crosser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-webex-log4j-rce.yaml","title":"Cisco WebEx - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-vmanage-log4j-rce.yaml","title":"Cisco vManage (Log4j) - Remote Code Execution","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-unified-communications-log4j-rce.yaml","title":"Cisco Unified Communications - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-cloudcenter-suite-log4j-rce.yaml","title":"Cisco CloudCenter Suite (Log4j) - Remote Code Execution","author":"pwnhxl","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-broadworks-log4j-rce.yaml","title":"Cisco BroadWorks - Remote Code Execution (Apache Log4j)","author":"shaikhyaser","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/log4j/jamf-pro-log4j-rce.yaml","title":"JamF Pro - Remote Code Execution (Apache Log4j)","author":"DhiyaneshDK,pdteam","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-solr-log4j-rce.yaml","title":"Apache Solr 7+ - Remote Code Execution (Apache Log4j)","author":"Evan Rubinstein,nvn1729,j4vaovo","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml","title":"Apache OFBiz - JNDI Remote Code Execution (Apache Log4j)","author":"pdteam","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-druid-log4j-rce.yaml","title":"Apache Druid - Remote Code Execution (Apache Log4j)","author":"SleepingBag945","disclosed_at":null},{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-44228.yaml","title":"Apache Log4j2 Remote Code Injection","author":"melbadry9,dhiyaneshDK,daffainfo,anon-artist,0xceba,Tea,j4vaovo","disclosed_at":null}],"news":[],"references":[{"url":"https://logging.apache.org/log4j/2.x/security.html","source_type":"MISC","tags":[]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/10/1","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/10/2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/10/3","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://security.netapp.com/advisory/ntap-20211210-0007/","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.oracle.com/security-alerts/alert-cve-2021-44228.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.debian.org/security/2021/dsa-5020","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/","source_type":"MISC","tags":[]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/13/2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/13/1","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/14/4","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.kb.cert.org/vuls/id/930724","source_type":"MISC","tags":[]},{"url":"https://twitter.com/kurtseifried/status/1469345530182455296","source_type":"MISC","tags":[]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html","source_type":"MISC","tags":[]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/12/15/3","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf","source_type":"MISC","tags":[]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf","source_type":"MISC","tags":[]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf","source_type":"MISC","tags":[]},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://seclists.org/fulldisclosure/2022/Mar/23","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001","source_type":"MISC","tags":[]},{"url":"https://github.com/cisagov/log4j-affected-db","source_type":"MISC","tags":[]},{"url":"https://support.apple.com/kb/HT213189","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228","source_type":"MISC","tags":[]},{"url":"https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html","source_type":"MISC","tags":[]},{"url":"http://seclists.org/fulldisclosure/2022/Jul/11","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://seclists.org/fulldisclosure/2022/Dec/2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]}],"timeline":[{"type":"published","at":"2021-12-10T00:00:00Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2021-12-10T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"ssvc_changed","at":"2026-06-24T00:31:47.654584Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:47.654584Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:47.654584Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:47.654584Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:47.654584Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:47.654584Z","label":"CVSS score revised","source":"vulnrichment"}]}