· Actively exploitedCVSS 10.0 97%
CVE-2021-44228log4j-core@2.14.1·Atlas Gateway
-h -m -s
due 5 Jul, 09:01 UTC
CISA Added 2021-12-10. Required action: Apply updates per vendor instructions; for affected products, follow CISA mitigation guidance.Due 2021-12-24
Apache Log4j 2 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints (Log4Shell).
Upgrade tolog4j-core ≥ 2.17.1