Vulnerabilities > Amazon > Log4Jhotpatch

DATE CVE VULNERABILITY TITLE RISK
2022-04-19 CVE-2021-3100 Improper Privilege Management vulnerability in Amazon Log4Jhotpatch
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.
local
low complexity
amazon CWE-269
8.8
8.8
2022-04-19 CVE-2022-0070 Improper Privilege Management vulnerability in Amazon Log4Jhotpatch
Incomplete fix for CVE-2021-3100.
local
low complexity
amazon CWE-269
8.8
8.8