Unrated severityNVD Advisory· Published Apr 19, 2022· Updated Sep 16, 2024
Log4j hot patch package privilege escalation
CVE-2021-3100
Description
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.1-13+ 1 more
- (no CPE)range: <1.1-13
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
3- alas.aws.amazon.com/AL2/ALAS-2021-1732.htmlmitrex_refsource_MISC
- alas.aws.amazon.com/ALAS-2021-1554.htmlmitrex_refsource_MISC
- unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilitiesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.