CVE-2021-45046

216.73.217.22

· Published 01/05/2023 02:00 · Modified 20/12/2025 22:00 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2021-45046

Essential information

Published: 01/05/2023 02:00
Modified: 20/12/2025 22:00
Author: Cybersecurity and Infrastructure Security Agency
Creator: Cybersecurity and Infrastructure Security Agency
CISA KEV: Yes
CWE: —
CVSS vector

Description

Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

NVD status

NVD: View on NVD