{"vulnerability": "CVE-2021-45105", "sightings": [{"uuid": "4c803a82-4479-437f-a8bb-4f20094d171a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "d05ebcb5-7bce-4182-9156-e7b8a56ffe13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/GithubRedTeam/1245", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDiscover Log4Shell vulnerability [CVE-2021-45105]\nURL\uff1ahttps://github.com/name/log4j", "creation_timestamp": "2021-12-29T08:25:13.000000Z"}, {"uuid": "889ce0f0-17d7-4349-93b7-88f76f6968c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/freelearningtech/609", "content": "Log4j vulnerability CVSS details\nCVE-2021-44228\u00a0(CVSS score: 10.0) - A remote code execution vulnerability affecting Log4j versions from 2.0-beta9 to 2.14.1 (Fixed in version 2.15.0)\n\nCVE-2021-45046\u00a0(CVSS score: 9.0) - An information leak and remote code execution vulnerability affecting Log4j versions from 2.0-beta9 to 2.15.0, excluding 2.12.2 (Fixed in version 2.16.0)\n\nCVE-2021-45105\u00a0(CVSS score: 7.5) - A denial-of-service vulnerability affecting Log4j versions from 2.0-beta9 to 2.16.0 (Fixed in version 2.17.0)\n\nCVE-2021-4104\u00a0(CVSS score: 8.1) - An untrusted deserialization flaw affecting Log4j version 1.2 (No fix available; Upgrade to version 2.17.0)\n\n\n\u2764\ufe0f\u2764\ufe0f Enjoy and Share \u2764\ufe0f\u2764\ufe0f\n\nSupport Us \u2764\ufe0f\nChannel : @freelearningtech\nGroup : @freelearningtech21\nWebsite : https://freelearningtech.in/", "creation_timestamp": "2021-12-20T06:50:30.000000Z"}, {"uuid": "9cbf1b79-8716-462f-8d35-1cbb29c82ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "exploited", "source": "Telegram/QbzltGTL5MLooH2kEl1qS06h23oJX4UpKYkbnKcssYleTA", "content": "", "creation_timestamp": "2022-01-03T05:49:38.000000Z"}, {"uuid": "b587ba05-65ac-4b06-b16a-09fe069d5487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/true_secator/2459", "content": "\u200b\u200b\u0415\u0449\u0435 \u0440\u0430\u0437 Merry Christmas!\n \nLog4shell \u0432\u0441\u0435 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043e\u0442\u0441\u0442\u0443\u043f\u0438\u0442. \u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440, \u043a\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u0438\u043d\u043d\u0430\u044f \u044d\u043f\u043e\u043f\u0435\u044f \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 0-day \u0432 log4j, \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f 2.16 \u043d\u0430 \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u043c\u0433\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438. \u041d\u043e, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u043e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043d\u043e\u0432\u044b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.17.0.\n \n\u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u041f\u041e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS), \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d CVE-2021-45105. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a 2.15.0 \u0431\u044b\u043b \u043f\u0440\u0438\u0437\u043d\u0430\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DoS (CVE-2021-45046). \u041f\u043e\u0437\u0436\u0435 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u044b\u043b \u043f\u043e\u0432\u044b\u0448\u0435\u043d Apache \u0441 \u043d\u0438\u0437\u043a\u043e\u0433\u043e (3,7) \u0434\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e (9,0) \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n \n\u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0442\u0440\u0435\u0445 \u0434\u043d\u0435\u0439 Apache \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b \u043d\u043e\u0432\u0443\u044e CVE \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0435\u0447\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e log4j 2.17.0.\n \nCVE-2021-45105 \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u00ab\u0432\u044b\u0441\u043e\u043a\u0438\u0439\u00bb (7,5) \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 log4j 2.16 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0438 \u043f\u0440\u0438 \u0441\u0430\u043c\u043e\u0440\u0435\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0438\u0441\u043a\u0435 JNDI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.16, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a \u043e\u0448\u0438\u0431\u043a\u0435 StackOverflowError. \u0412\u0435\u0440\u0441\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430  \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u043c Java-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 - Maven Central. \u0412\u044b\u043f\u0443\u0441\u043a 2.12.3 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043f\u043e\u0434\u0445\u043e\u0434\u0435 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0432\u0435\u0442\u043a\u0438 2.12.x.\n \n\u0410\u0431\u0441\u0442\u0440\u0430\u0433\u0438\u0440\u0443\u044f\u0441\u044c \u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Google, \u0431\u043e\u043b\u0435\u0435 35 000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Java \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 log4j, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0431\u043e\u043b\u0435\u0435 8% \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Maven Central. \u0411\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u0430\u0433\u0438 log4j \u00ab\u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e\u00bb \u043f\u043e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0443 \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u0438\u0432\u043d\u043e\u0439 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0437 35 863 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 Google \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043e\u043a\u043e\u043b\u043e 7000 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 log4j \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 log4j \u0437\u0430\u0442\u044f\u043d\u0435\u0442\u0441\u044f \u043d\u0430 \u0433\u043e\u0434\u044b.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0432 \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 log4j \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c Apache \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2021-12-20T13:48:25.000000Z"}, {"uuid": "ea518932-9c0f-462d-b916-cf1f7856287c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/NeKaspersky/1587", "content": "\u041a\u0442\u043e \u0442\u0443\u0442 \u0441\u0430\u043c\u044b\u0439 \u0441\u0438\u043b\u044c\u043d\u044b\u0439 \u0438 \u043a\u0440\u0443\u0442\u043e\u0439? \u0421\u0430\u043c\u0430\u044f \u0441\u0438\u043b\u044c\u043d\u0430\u044f \u0438 \u043a\u0440\u0443\u0442\u0430\u044f \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c log4j. \n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0440\u0430\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Log4Shell, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432 10/10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSSv3, \u043d\u0430\u0432\u0435\u043b\u0430 \u043c\u043d\u043e\u0433\u043e \u0448\u0443\u043c\u0430. \u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 2.15 \u0440\u0435\u0448\u0438\u043b\u043e \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043d\u043e \u0442\u0443\u0442 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u043e\u043d\u0430 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2021-45046), \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u0441\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 2.15 \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u00ablog4j2.noFormatMsgLookup\u00bb \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b. \n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (Log4Shell, CVE-2021-44228) \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0441\u0435 \u0435\u0433\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0434\u043b\u044f \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0433\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0437-\u0437\u0430 \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \n\nCVE-2021-45046  \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u0437\u0430\u0449\u0438\u0442\u044b \u0437\u0430 \u0441\u0447\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0432 \u043b\u043e\u0433 \u0434\u0430\u043d\u043d\u044b\u0445. \u0422\u0435, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u043b\u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 JNDI, \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438\u043b\u0438 MDC-\u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0432 \u043b\u043e\u0433.\n\n\u0418 \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432\u0440\u043e\u0434\u0435 \u043a\u0430\u043a \u0440\u0435\u0448\u0438\u043b\u0438\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 2.16 \u0438 2.12.2, \u043d\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u00ab\u043d\u043e\u0432\u0435\u043d\u044c\u043a\u0438\u0439\u00bb. \u0418\u043c\u044f \u0435\u043c\u0443 CVE-2021-45105, \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u0442\u0430\u043a\u0438\u043c \u0436\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u043c, \u043d\u043e \u043d\u0435 \u0442\u0430\u043a\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u043e\u0432\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u044b\u0437\u044b\u0432\u0430\u043b\u0430 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432 \u0432\u0438\u0434\u0435 \u0437\u0430\u0446\u0438\u043a\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u0438 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0433\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0441\u0442\u0440\u043e\u043a. \u041d\u043e \u0432\u0440\u043e\u0434\u0435 \u043a\u0430\u043a \u0441 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c Log4j 2.17, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 Java 8.\n\n\u0411\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0432\u0447\u0435\u0440\u0430 Cryptolaemus \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e \u043d\u043e\u0432\u043e\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Log4Shell \u0434\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u043c \u0442\u0440\u043e\u044f\u043d\u043e\u043c \u00abDridex\u00bb \u0438\u043b\u0438 \u00abMeterpreter\u00bb.\n\n\u0418 \u0434\u0430\u043d\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u043e\u043b\u0435\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0430, \u0432\u0435\u0434\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0437\u043d\u0430\u0442\u044c \u043a\u0430\u043a\u0430\u044f \u0443 \u0436\u0435\u0440\u0442\u0432\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430. \u0412\u0441\u0435 \u043f\u043e\u0442\u043e\u043c\u0443, \u0447\u0442\u043e Java \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0444\u0430\u0439\u043b HTA, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0430\u043c \u0442\u0440\u043e\u044f\u043d Dridex, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows. \u041e\u0434\u043d\u0430\u043a\u043e \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Windows \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u0441\u044f, \u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043d\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0437\u0430\u0434\u0430\u0447 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u043d\u0430 Python \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Meterpreter, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0430\u043a \u0440\u0430\u0437 \u043f\u0440\u0438\u0441\u043f\u043e\u0441\u043e\u0431\u043b\u0435\u043d \u0434\u043b\u044f \u041e\u0421 Linux / Unix.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Log4j \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438, \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0438\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c, \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\u0410 \u043d\u0430\u043c \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 \u043d\u043e\u0432\u044b\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c Log4j \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u0441\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438 \u0441\u043a\u0430\u043d\u0435\u0440\u0430\u043c\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, log4jScanner.\n@NeKaspersky", "creation_timestamp": "2021-12-22T15:51:02.000000Z"}, {"uuid": "3f12199e-b88b-4d0f-b67b-c790889fab9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5005", "content": "#exploit\n1. Android: apps have VM_MAYWRITE access to shared zygote JIT mapping\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2227\n\n2. CVE-2021-45105:\nLog4j2 DOS\nhttps://github.com/cckuailong/Log4j_dos_CVE-2021-45105", "creation_timestamp": "2021-12-19T13:30:32.000000Z"}, {"uuid": "77ef1677-1d9f-47b0-a172-308c179d1cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5115", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Dec 1-31)\nCVE-2021-44228 - Apache Log4j2\nCVE-2021-45046 - Apache Log4j DoS\nCVE-2021-42278, CVE-2021-42287 - AD Domain Services EoP Vulnerability\nCVE-2021-44832 - Apache Log4j 2.17.0\nCVE-2021-45105 - DoS via Uncontrolled Recursion in Log4j Strsubstitutor\nCVE-2021-43798 - Grafana 8.x Path Traversal\nCVE-2021-44077 - PreAuth RCE in ManageEngine ServiceDesk Plus\nCVE-2021-4422 - Log4j vulnerability\nCVE-2021-44515 - Zoho ManageEngine Desktop Central Pre-auth RCE", "creation_timestamp": "2024-10-21T16:08:53.000000Z"}, {"uuid": "2625f7a9-efae-440f-9025-7e4200921c69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "MISP/e804ed63-36a3-438d-b753-08a9c5ca89d8", "content": "", "creation_timestamp": "2021-12-22T20:43:05.000000Z"}, {"uuid": "918489d7-f343-449e-ba96-9379fcc25460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1222", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDiscover and remediate Log4Shell vulnerability [CVE-2021-45105]\nURL\uff1ahttps://github.com/sakuraji-labs/log4j-remediation", "creation_timestamp": "2021-12-24T01:05:40.000000Z"}, {"uuid": "7cb678b1-43b2-4364-9b1b-4c83e9facbfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1221", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDiscover and remediate Log4Shell vulnerability [CVE-2021-45105]\nURL\uff1ahttps://github.com/sakuraji-labs/sakuraji_log4j", "creation_timestamp": "2021-12-23T21:51:23.000000Z"}, {"uuid": "114ca801-f9db-4735-919e-d4e9ad0ced81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1158", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4j_dos_CVE-2021-45105\nURL\uff1ahttps://github.com/cckuailong/Log4j_dos_CVE-2021-45105", "creation_timestamp": "2021-12-18T12:59:09.000000Z"}, {"uuid": "ba953e6f-5e68-42ac-b0ea-2a9ee5e3e428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1177", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aReplicating CVE-2021-45105\nURL\uff1ahttps://github.com/tejas-nagchandi/CVE-2021-45105", "creation_timestamp": "2021-12-19T23:27:07.000000Z"}, {"uuid": "bbdcd80c-a27b-4b8f-b60b-f4b9d67494b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1205", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1alog4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc\nURL\uff1ahttps://github.com/iAmSOScArEd/log4j2_dos_exploit", "creation_timestamp": "2021-12-22T02:39:48.000000Z"}, {"uuid": "06671d7e-e8c7-4f75-aa8c-3961489aafcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/true_secator/2677", "content": "NHS Digital \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 RCE \u0432 Windows-\u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 Okta Advanced Server Access.\n\n\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c Zero Trust \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0442\u044b\u0441\u044f\u0447\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 CVE-2022-24295 \u0438 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u0430 \u0432\u0441\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c \u041f\u041e \u0434\u043e 1.57.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 URL-\u0430\u0434\u0440\u0435\u0441.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0435\u0435 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\nNHS Digital \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0432\u043d\u043e\u0432\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u043d\u043e\u0432\u044c \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c NHS Digital \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0Log4Shell (CVE-2021-45105, CVE-2021-45046 \u0438 CVE-2021-44228) \u0432 Okta.", "creation_timestamp": "2022-02-28T15:06:00.000000Z"}, {"uuid": "48bfb328-3e28-4f01-8bf0-ff6028d2b4b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/cibsecurity/34242", "content": "\u203c CVE-2021-45105 \u203c\n\nApache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0 and 2.12.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-18T14:39:16.000000Z"}, {"uuid": "cd9e552f-b63d-498f-ae08-1914b8b14a21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/thehackernews/1740", "content": "Apache Issues 3rd patch update -- version 2.17.0 -- to fix a new high-severity Log4j vulnerability (CVE-2021-45105).\n\nRead: https://thehackernews.com/2021/12/apache-issues-3rd-patch-to-fix-new-high.html", "creation_timestamp": "2021-12-18T11:18:39.000000Z"}, {"uuid": "2e2e1e1d-ab8e-4e8c-9cee-2408ccccd361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1565", "content": "#exploit\n1. CVE 2020-14871:\nSun Solaris PoC Exploit\nhttps://github.com/robidev/CVE-2020-14871-Exploit\n\n2. CVE-2021-45105: \nDoS via Uncontrolled Recursion in Log4j Strsubstitutor\nhttps://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor\n\n@BlueRedTeam", "creation_timestamp": "2021-12-26T08:45:29.000000Z"}, {"uuid": "fac459bb-87b2-4283-8a1d-fe3ba7b6e517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1543", "content": "#Log4j \n#CVE-2021\n\nLog4j_dos_CVE-2021-45105\n\nhttps://github.com/cckuailong/Log4j_dos_CVE-2021-45105\n\n@BlueRedTeam", "creation_timestamp": "2021-12-18T14:06:12.000000Z"}, {"uuid": "5e847380-b4cd-46bd-adad-90b42572ef0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1544", "content": "#exploit\n1. Android: apps have VM_MAYWRITE access to shared zygote JIT mapping\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2227\n\n2. CVE-2021-45105:\nLog4j2 DOS\nhttps://github.com/cckuailong/Log4j_dos_CVE-2021-45105\n\n@BlueRedTeam", "creation_timestamp": "2021-12-19T09:25:55.000000Z"}, {"uuid": "ca676412-033a-4fb7-b9bf-10435317fdde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/BlueRedTeam/1557", "content": "#CVE-2021\n#Log4j \n#CheetSheet\n\nLog4J CVE-2021-44228 : Mitigation Cheat Sheet\n\nhttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105\n\n@BlueRedTeam", "creation_timestamp": "2021-12-22T10:05:35.000000Z"}, {"uuid": "7e149aaf-35b8-41dd-8a71-ba6f2d193e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "Telegram/rLPnXko2Ivzn4I7ezSHaHxgw_pZJmCahOSNfOCXWKAfmeahg", "content": "", "creation_timestamp": "2022-03-06T14:22:02.000000Z"}, {"uuid": "1ff72b67-ed6b-4ac5-b272-9653b7ccccdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "Telegram/ChT-1wgo7NOE9JBgyawOIK8A4daaz4Wqgy4DBWFv-2wTsrXs", "content": "", "creation_timestamp": "2021-12-23T05:49:17.000000Z"}, {"uuid": "df19e8a3-3b58-4718-bdb5-c361f30ad883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5060", "content": "#exploit\n1. CVE 2020-14871:\nSun Solaris PoC Exploit\nhttps://github.com/robidev/CVE-2020-14871-Exploit\n\n2. CVE-2021-45105: \nDoS via Uncontrolled Recursion in Log4j Strsubstitutor\nhttps://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor", "creation_timestamp": "2021-12-26T14:22:34.000000Z"}, {"uuid": "a3231f75-3c46-4504-8f50-b6e1b4352365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=705", "content": "", "creation_timestamp": "2021-12-20T04:00:00.000000Z"}, {"uuid": "a5864a5c-22b1-4efc-af75-222dda979049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_38/2021", "content": "", "creation_timestamp": "2021-12-10T08:54:02.000000Z"}, {"uuid": "04198a81-2e2a-4d48-a8db-1e540d15bddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1192", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPOC of CVE-2021-45105\nURL\uff1ahttps://github.com/hackername0102/log4j", "creation_timestamp": "2021-12-20T21:29:35.000000Z"}, {"uuid": "1242c067-1f2e-4513-a8ac-4038a8e18090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/GithubRedTeam/1209", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4J CVE-2021-44228 : Mitigation Cheat Sheet\nURL\uff1ahttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105", "creation_timestamp": "2021-12-22T05:41:25.000000Z"}, {"uuid": "eac71d55-100a-4334-bb7b-f153759fc2c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "MISP/4d26c5b0-4bc5-443c-8641-553684788bdc", "content": "", "creation_timestamp": "2026-04-19T22:45:30.000000Z"}, {"uuid": "0922a5ef-26f8-4553-8c87-1e08e163e897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/BleepingComputer/11193", "content": "Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS\n\nYesterday, BleepingComputer\u00a0summed\u00a0up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today\u00a0with version 2.17.0 out\u00a0that fixes CVE-2021-45105, a DoS vulnerability. [...]\n\nhttps://www.bleepingcomputer.com/news/security/upgraded-to-log4j-216-surprise-theres-a-217-fixing-dos/", "creation_timestamp": "2021-12-18T10:44:28.000000Z"}, {"uuid": "a8a1477f-e5c7-4036-946d-576483c4f071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/pesni_rogozina/16967", "content": "\u200b\u200b\u0415\u0449\u0435 \u0440\u0430\u0437\nMerry Christmas! \n Log4shell \u0432\u0441\u0435 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043e\u0442\u0441\u0442\u0443\u043f\u0438\u0442. \u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440, \u043a\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u0438\u043d\u043d\u0430\u044f \u044d\u043f\u043e\u043f\u0435\u044f \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 0-day \u0432\nlog4j, \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f 2. 16 \u043d\u0430 \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u043c\u0433\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438. \u041d\u043e, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u043e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043d\u043e\u0432\u044b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2. 17. 0. \n \u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u041f\u041e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (\nDoS), \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d CVE-2021-45105. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a 2. 15. 0 \u0431\u044b\u043b \u043f\u0440\u0438\u0437\u043d\u0430\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\nDoS (CVE-2021-45046). \u041f\u043e\u0437\u0436\u0435 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u044b\u043b \u043f\u043e\u0432\u044b\u0448\u0435\u043d\nApache \u0441 \u043d\u0438\u0437\u043a\u043e\u0433\u043e (3,7) \u0434\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e (9,0) \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. \n \u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0442\u0440\u0451\u0445 \u0434\u043d\u0435\u0439\nApache \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b \u043d\u043e\u0432\u0443\u044e CVE \u0438\n\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0435\u0447\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e log4j 2. 17. 0. \n CVE-2021-45105 \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u00ab\u0432\u044b\u0441\u043e\u043a\u0438\u0439\u00bb (7,5) \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435\nCVSS, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443\nlog4j 2. 16 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0438 \u043f\u0440\u0438 \u0441\u0430\u043c\u043e\u0440\u0435\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0438\u0441\u043a\u0435\nJNDI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2. 16, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a \u043e\u0448\u0438\u0431\u043a\u0435\nStackOverflowError. \u0412\u0435\u0440\u0441\u0438\u044f\n\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u043c\nJava-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 -\nMaven Central. \u0412\u044b\u043f\u0443\u0441\u043a 2. 12. 3 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043f\u043e\u0434\u0445\u043e\u0434\u0435 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0432\u0435\u0442\u043a\u0438 \u0410\u0431\u0441\u0442\u0440\u0430\u0433\u0438\u0440\u0443\u044f\u0441\u044c \u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\n\u0434\u0430\u043d\u043d\u044b\u043c\nGoogle, \u0431\u043e\u043b\u0435\u0435 35 000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432\nJava \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\nlog4j, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0431\u043e\u043b\u0435\u0435 8 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\nMaven\nCentral. \u0411\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u0430\u0433\u0438\nlog4j \u00ab\u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e\u00bb \u043f\u043e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0443 \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u0438\u0432\u043d\u043e\u0439 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0437 35 863 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445\nGoogle \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043e\u043a\u043e\u043b\u043e 7000 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\nlog4j \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438\nGoogle \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 log4j \u0437\u0430\u0442\u044f\u043d\u0435\u0442\u0441\u044f \u043d\u0430 \u0433\u043e\u0434\u044b. \n \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0432 \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439\nlog4j \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c\nApache \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.   @biznesovyy_zhurnal\n    \u0422\u0430\u043a\u0436\u0435 \u043f\u043e \u044d\u0442\u043e\u0439 \u0442\u0435\u043c\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c https://t.me/ehkho_ot_mosvy/21746", "creation_timestamp": "2021-12-20T13:35:36.000000Z"}, {"uuid": "ed6af9b4-d6c6-40e3-9370-3538da60b373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/GithubRedTeam/1262", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLog4J CVE-2021-44228 : Mitigation Cheat Sheet\nURL\uff1ahttps://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832", "creation_timestamp": "2022-01-03T17:46:59.000000Z"}, {"uuid": "5947837a-8088-4426-90e0-41efd742c5a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "seen", "source": "https://t.me/alexmakus/4463", "content": "\u042f \u0443\u0436\u0435 \u0441\u0431\u0438\u043b\u0441\u044f \u0441\u043e \u0441\u0447\u0435\u0442\u0430, \u043d\u043e, \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Log4j, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a DoS. \u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \n\nhttps://logging.apache.org/log4j/2.x/security.html\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105\n\n\u041f\u043e\u0434\u0430\u0440\u043a\u0438 \u043d\u0430 \u0420\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u043e \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0432 \u0441\u0435\u0431\u044f 2 RCE \u0438 2 DoS, \u0438 \u0431\u0435\u0441\u0441\u043e\u043d\u043d\u044b\u0435 \u043d\u043e\u0447\u0438 \u0430\u0434\u043c\u0438\u043d\u043e\u0432", "creation_timestamp": "2021-12-19T11:48:34.000000Z"}, {"uuid": "46dd4449-2e8b-4d09-a14c-5989d9701b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45105", "type": "published-proof-of-concept", "source": "Telegram/vHTtKQxmAT3f8pPJYMyZLW3MJn_6GFVTdkZIulMbNHlsBg", "content": "", "creation_timestamp": "2023-11-22T10:27:55.000000Z"}]}