CVE-2021-44228 was published on 9th Dec 2021 which affects widely used Apache Log4j utility and poses remote code execution.
To mitigate this vulnerability, follow below steps: 1. Either Upgrade Log4j to version 2.15.0 2. Or update system property log4j2.formatMsgNoLookups to true 3. Or remove the JndiLookup class from the classpath
For more details visit the official Log4j security page: https://logging.apache.org/log4j/2.x/security.html
You must be logged in to reply to this topic.
