Remote Code Execution vulnerability in Apache Java logging library (Log4j)

  • CERT Admin
  • Wed Dec 29 2021
  • Alerts


A critical vulnerability was found in the Java logging library log4j which allows an attacker to perform Remote Code Execution (RCE). 


RCE vulnerability resides in the Java logging library log4j can be exploited by logging a certain string or by sending a specially crafted payload. It is also identified that by successfully exploiting this vulnerability, a remote attacker could gain full control of the targeted servers.  


● Execution of payloads and malicious commands 

● Can be exploited without authentication 

● Remote access the computer through the Minecraft server 

● Sensitive information exposure 



Apply appropriate patches or mitigation steps as mentioned by various vendors. Refer below, 







The information provided herein is on an "as is" basis, without warranty of any kind.  

Last updated: Wed Dec 29 2021