Posts

Showing posts with the label Log4j

Log4j Vulnerability

Link - https://infosecwriteups.com/log4j-vulnerability-explanation-in-details-73f7556c5ff1

What is Log4j?

Log4j is an open-source logging framework that allows software developers to log various data within their applications. It is part of Apache Logging Services, a project of the Apache Software Foundation. Log4j is used by thousands of websites and applications to perform important functions such as logging information that can be used for debugging and other purposes.

What is the Log4j vulnerability?

The Log4j vulnerability is a critical vulnerability affecting Apache Log4j 2 versions 2.0 to 2.14.1, as identified by Chen Zhaojun of the Alibaba Cloud Security Team. NIST published a critical CVE in the National Vulnerability Database on December 10th, 2021, naming this CVE-2021-44228. The Apache Software Foundation assigned the maximum CVSS severity rating of 10. The vulnerability allows unauthenticated remote code execution. Attackers can take advantage of it ...