This document provides the text form of the CVE-2021-44228 Advisory Risk Matrices. Please note that the CVE numbers in this document correspond to the same CVE numbers in the CVE-2021-44228 Advisory
This page contains the following text format Risk Matrices:
This table provides the text form of the Risk Matrix for Third Party Component.
CVE# | Description |
---|---|
CVE-2021-44228 | Vulnerability in the Apache Log4j product of Third Party Component (component: All). Supported versions that are affected are 2.0 - 2.14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Apache Log4j. While the vulnerability is in Apache Log4j, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Apache Log4j. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). (legend) [Advisory] |
CVE-2021-45046 | Vulnerability in the Apache Log4j product of Third Party Component (component: All). Supported versions that are affected are 2.0 - 2.15.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Apache Log4j. While the vulnerability is in Apache Log4j, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Apache Log4j. CVSS 3.1 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). (legend) [Advisory] |