high

Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

Published Tue, Apr 19th, 2022

Platforms

Summary

AWS's hotpatches for Log4shell worked as intended but introduced new container escape vulnerabilities.

Affected Services

N/A

Remediation

None required

Tracked CVEs

CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071

References

https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities/https://aws.amazon.com/security/security-bulletins/AWS-2022-006/

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Tue, Dec 14th, 2021

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Yuval Avrahami, Palo Alto

More vulnerabilities...

low

Privilege Escalation to SYSTEM in AWS VPN Client

The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user's Net-NTLMv2...

David Yesland, Rhino SecurityApr 12, 2022

high

AWS RDS local file read

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for...

Gafnit Amiga, LightspinApr 11, 2022

low

Azure AD information disclosure via undocumented APIs

Undocumented Azure AD APIs could allow access to internal information of any organization that uses Azure AD. Collected details included licensing information, mailbox information, and directory sy...

SecureworksApr 5, 2022

View all