Statements (17)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
Apache Log4j 2
|
| gptkbp:assignee |
gptkb:MITRE
|
| gptkbp:attack_vector |
local
|
| gptkbp:category |
improper configuration handling
|
| gptkbp:describes |
A vulnerability in Apache Log4j 2 allows an attacker with permission to modify the logging configuration file to execute arbitrary code.
|
| gptkbp:discovered_in_version |
Log4j 2.0-beta7 to 2.17.0
|
| gptkbp:exploitability |
requires configuration modification
|
| gptkbp:fixed_in_version |
Log4j 2.17.1
|
| gptkbp:hasCVSSScore |
6.6
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2021-44832
|
| gptkbp:publicationDate |
2021-12-28
|
| gptkbp:relatedTo |
gptkb:Log4Shell
|
| gptkbp:vulnerableTo |
gptkb:CVE-2021-44832
remote code execution |
| gptkbp:bfsParent |
gptkb:Apache_Log4j
|
| gptkbp:bfsLayer |
8
|