Apache Log4j vulnerability is a critical zero-day code execution vulnerability. On December 9, 2021, the Internet was set on fire when an exploit was posted publicly for Apache Log4J - a well-known logging utility in the Java programming language.
Apache Log4j vulnerability CVE-2021-44228 is a critical zero-day code execution vulnerability with a CVSS base score of 10. This weakness poses a significant risk to many applications and cloud services and it needs to be patched right away!
In this blog, CSW experts analyzed CISA’s Known Exploited Vulnerabilities (KEV) list for latencies in publishing, exploiting, and patching to understand how fast attackers are weaponizing them for attacks.