all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Remote Code Execution in H2 Console JNDI - (CVE-2021-42392)

Add to bookmarks
Feb. 7, 2022, 6:32 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

Update 1/11 - "What is the Status of Coverage" section updatedFortiGuard Labs is aware of newly discovered vulnerability in H2 Database software. The vulnerability is an unauthenticated remote code execution in the H2 database console and similar to Log4j, it is JNDI-based and has an exploit vector similar to it. This vulnerability has been assigned CVE-2021-42392 and was found by security researchers at JFrog. What is H2 Database?H2 is a relational database management system written in Java and is open …

code code execution cve cve-2021-42392 h2 jndi remote code execution

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Google Chromium in Visuals Use-After-Free Vulnerability (CVE-2024-4671) 5 days ago | fortiguard.fortinet.com
browser can chrome chromium +15
GitLab Password Reset Vulnerability (CVE-2023-7028) 1 week, 1 day ago | fortiguard.fortinet.com
account administrator attacker cisa +23
Tinyproxy use-after-free Vulnerability (CVE-2023-49606) 1 week, 3 days ago | fortiguard.fortinet.com
actor arbitrary code can code +21
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 week, 5 days ago | fortiguard.fortinet.com
access advisory application attackers +29
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 2 weeks, 3 days ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 2 weeks, 4 days ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 3 weeks, 3 days ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 3 weeks, 3 days ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 month ago | fortiguard.fortinet.com
advisory attack code code injection +27

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com