CVE-2021-29505

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
CVE-2021-29505 is a vulnerability that affects the Apache Log4j 2 library, which is a popular logging tool used by many applications. The vulnerability allows an attacker to remotely execute arbitrary code on a system running a vulnerable version of the library. This can lead to a complete compromise of the affected system, allowing an attacker to steal sensitive data or take control of the machine. The vulnerability was discovered in April 2021 and was immediately classified as critical due to the widespread use of the Apache Log4j 2 library. A patch for the vulnerability was released shortly after it was discovered, but it was later found that the patch did not fully address the issue. As a result, a second patch was released in May 2021 to fully mitigate the vulnerability. The CVE-2021-29505 vulnerability highlights the importance of promptly patching software vulnerabilities and the need for robust security practices. Organizations that use the Apache Log4j 2 library should ensure that they have applied the latest patches to protect against this vulnerability. They should also monitor their systems for any signs of compromise and be prepared to respond quickly if an attack occurs.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2021-29505 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in IBM Security Verify Governance