Top
item
Advertisement
image credit: Pexels

Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console

January 7, 2022

Via: The Hacker News
Category:

Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j “Log4Shell” vulnerability that came to light last month.

The issue, tracked as CVE-2021-42392, is the ” first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell vulnerability, namely JNDI remote class loading,” JFrog researchers Andrey Polkovnychenko and Shachar Menashe said.

Read More on The Hacker News

RELATED PUBLICATIONS

Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

Latest Publications

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!