Web: https://nakedsecurity.sophos.com/2022/01/07/log4shell-like-security-hole-found-in-popular-java-sql-database-engine-h2/

Jan. 7, 2022, 7:32 p.m. | Paul Ducklin

Naked Security sophos.com

"It's Log4Shell, Jim, but not as we know it." How to find and fix a JNDI-based vuln in the H2 Database Engine.

cve-2021-42392 database engine h2 java jndi log4j log4shell popular security sql vulnerability

Cybersecurity Engineer

@ Sigma Defense | San Diego, California, United States

Sr Staff Engineer/Principal Engineer(Security Researcher, Security Efficacy)

@ Netskope | Bengaluru, Karnataka, India

Information Security Manager - Zurich, CH

@ Scandit | Zurich

Senior Developer C/Go (Acronis Cyber Infrastructure)

@ Acronis | Belgrade, Stari Grad, Serbia

Intermediate Security Analyst

@ ATB Financial | Calgary, Alberta, Canada

Staff / Principal Engineer, Security Services

@ Netskope | Taipei, Taiwan