The Apache Log4j vulnerability is a zero-day vulnerability that can be used for remote code exploitation. 40% of corporate networks have been targeted by attackers in at least 58 countries, security firm McAfee says. The flaw, designated CVE-2021-44228 and also known as the Log4Shell vulnerability, is widely used in Java applications. Security teams have gone into overdrive to assess the risk facing their organization due to the software. The vulnerability is “about as serious as it gets,” says Cybereason CSO Sam Curry.”]
Source: https://www.cuinfosecurity.com/exploiting-log4j-40-corporate-networks-targeted-so-far-a-18120