Web: https://thehackernews.com/2022/01/log4shell-like-critical-rce-flaw.html

Jan. 12, 2022, 7:56 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j "Log4Shell" vulnerability that came to light last month.
The issue, tracked as CVE-2021-42392, is the "first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell

critical database flaw h2 h2 database log4shell rce

Data Security Analyst Intermediate/Associate

@ University of Michigan - ITS | Ann Arbor, MI

Data Security Analyst Intermediate/Associate

@ University of Michigan - ITS | Ann Arbor, MI

Information Security Engineer

@ Arnold & Porter | Washington, DC

IT Policy, Governance, and Compliance Analyst

@ University of Michigan - ITS | Ann Arbor, MI

Director, Security and Trust - Remote

@ Elemy | United States

Senior Program Manager (Security)

@ Elemy | United States