Apache Log4J2 Vulnerability

A new critical remote code execution vulnerability in Apache Log4j2, a Java-based logging tool, was disclosed on 10 December 2021. There is no known proof-of-concept exploit available at this time, but this vulnerability is easy to exploit, and a public exploit is expected soon.

Apache Log4J Updates

This is the main article.  The Apache Log4J vulnerabilities will be updated when new critical information is released. Please monitor this report for updates as this vulnerability continues to grow and change.