Researchers find critical RCE security vulnerability in H2 database console

11 January 2022

, a Michigan-based provider of automated threat detection and response technology, explains, “While this vulnerability also utilizes remote JNDI class loading, it requires access that is not available with the default configuration of the H2 Database. Log4j was unique in that any number of attack-manipulated strings, from headers to URL paths, could result in exploitation of the victim depending on how the application was set up to utilize logging with Log4j.

Read full article on Security Magazine

Date:

11 January 2022

Categorie(s):

NEWS

Tag(s):

H2, IT, News, Researchers

No more 12345: devices with weak passwords to be banned in UK28 April 2024
20 Best Linux Password Managers in 202428 April 2024
Reliable Web App Pattern: Now Optimizes Azure Migration with Enhanced Infrastructure and Security28 April 2024
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks28 April 2024
Good Security Is About Iteration, Not Perfection.28 April 2024