Security News > 2022 > January > Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Researchers discovered a bug related to the Log4J logging library vulnerability, which in this case opens the door for an adversary to execute remote code on vulnerable systems.
JFrog security discovered the flaw and rated critical in the context of the H2 Java database console, a popular open-source database, according to a Thursday blog post by researchers.
The root cause of the H2 flaw is based in JNDI remote class loading, making it similar to Log4Shell in that it allows several code paths in the H2 database framework pass unfiltered attacker-controlled URLs to the javax.
Unlike Log4Shell, the H2 flaw has a "Direct" scope of impact, meaning that typically the server that processes the initial request-that is, the H2 console-will feel the direct brunt of the remote code execution bug, researchers wrote in a post published Thursday.
Thirdly, while many vendors may be running the H2 database, they may not run the H2 console with it, JFrog researchers said.
Still, JFrog researchers said that many developer tools rely on the H2 database and specifically expose the H2 console.
News URL
https://threatpost.com/log4j-related-flaw-h2-database/177448/
Related news
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Veeam warns of critical RCE bug in Service Provider Console (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)