![](https://i0.wp.com/hack2report.com/wp-content/uploads/2023/01/log4shell-logo.png?fit=1200%2C539&ssl=1)
This vulnerability from December 2021 ensured a busy start to 2022 for security teams. A zero-day vulnerability affected Log4j2 versions >= 2.0-beta9 and <= 2.15.0, which allowed an attacker to execute arbitrary code on a vulnerable system through specially crafted log messages. Successful exploitation (remote code execution) of this issue resulted in system-level privileges.
Workaround
Ensure that you have upgraded to Log4j 2.3.2 (for Java 6), 2.12.4 (for Java 7) or 2.17.1 (for Java 8 and later).