Log4j 2 Vulnerability: Identifying and Minimizing Production Risk
Dynatrace
DECEMBER 12, 2021
Dynatrace news. Log4Shell, a zero-day exploit affecting the popular Apache package was made public on December 9, 2021. The National Vulnerability Database describes the exploit here. It results in remote code execution (RCE) by submitting a specially composed request. This means that an attacker with control over a string that gets passed to the log4j 2 logger can trick the application into requesting a resource from a server under the attacker’s control, then load it, and then execute it.
Let's personalize your content