CVE-2021-44832

GPTKB entity

Statements (17)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects Apache Log4j 2
gptkbp:assignee gptkb:MITRE
gptkbp:attack_vector local
gptkbp:category improper configuration handling
gptkbp:describes A vulnerability in Apache Log4j 2 allows an attacker with permission to modify the logging configuration file to execute arbitrary code.
gptkbp:discovered_in_version Log4j 2.0-beta7 to 2.17.0
gptkbp:exploitability requires configuration modification
gptkbp:fixed_in_version Log4j 2.17.1
gptkbp:hasCVSSScore 6.6
https://www.w3.org/2000/01/rdf-schema#label CVE-2021-44832
gptkbp:publicationDate 2021-12-28
gptkbp:relatedTo gptkb:Log4Shell
gptkbp:vulnerableTo gptkb:CVE-2021-44832
remote code execution
gptkbp:bfsParent gptkb:Apache_Log4j
gptkbp:bfsLayer 8