What is JNDI?

JNDI is the acronym for Java Naming and Directory Interface, which is a Java API for consuming certain services oriented to searching for objects on a network.

JNDI is commonly used to associate logical names with resources, analogous to how the DNS service associates FQDNs with IPs. For example, when an EJB (Enterprise JavaBeans) requests a resource from JNDI, it passes the request to the corresponding service and returns the resource.

Among the services supported by JNDI, LDAP, RMI or DNS stand out, among others, which were actively used to attack vulnerable Log4J components (see CVE-2021-44228) through JNDI Injection-type attacks. This attack was commonly known as “Log4Shell“, which was extensively studied and monitored by our Threat Hunting service.

We are using cookies to give you the best experience on our website. You can find out more about which cookies we are using or switch them off in Cookies Settings

Necessary

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Necessary cookies

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages. Keeping this cookie enabled helps us to improve our website.

3rd party cookies

Cookies policy