Web: https://thehackernews.com/2022/01/log4shell-like-critical-rce-flaw.html

Jan. 12, 2022, 7:56 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j "Log4Shell" vulnerability that came to light last month.
The issue, tracked as CVE-2021-42392, is the "first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell

critical database flaw h2 h2 database log4shell rce

Information Security Analyst

@ XOR Security | Linthicum, MD

Principal Product Manager , Forensic Analysis Products

@ Amazon.com | Arlington, Virginia, USA

Cyber Security Chartered Engineer

@ Banglalink | Dhaka, Bangladesh

Account Executive, Cyber Threat Intelligence

@ Dataminr | New York, NY, United States

Principal Consultant, PCI QSA | Remote US

@ Coalfire | Denver, CO

Mid - Penetration Tester

@ XOR Security | Linthicum, MD