On 9th December 2021, the Alibaba Cloud Security Team released a zero-day vulnerability involving arbitrary code execution in Log4j 2, and “Log4Shell” was the given name.
With over thousands of millions of downloads of Log4j worldwide and its use as a Java logging framework since its creation about 20 years ago, we believe it’s being used in every organization worldwide. Every single piece of device or software that uses Java can be prone to this vulnerability Log4Shell (CVE-2021-44228).
What can you learn?