Create an account on the HP Community to personalize your profile and ask a question
12-29-2021 11:46 PM - edited 12-30-2021 10:01 PM
attacker performs an HTTP request against a target system, which generates a log using Log4j 2 that leverages JNDI to perform a request to the attacker-controlled site. The vulnerability then causes the exploited process to reach out to the site and execute the payload. In many observed attacks, the attacker-owned parameter is a DNS logging system, intended to log a request to the site to fingerprint the vulnerable systems.
01-09-2022 04:01 AM - edited 01-25-2022 09:53 AM
Hi there, Can anyone quantify macys employeeconnection the actual risk to say an N-able server? Is direct access to the server required to take advantage of this, or could it be exploited by someone externally if they can either see the login page or if they are somehow able to sign in to the krogerfeedback.com RMM admin portal? I would think it's the former but trying to wrap my head around just how vulnerable systems are that are running log4j on them.
Didn't find what you were looking for? Ask the community