Jump to Content
ABA: The American Bankers Association
Skip Section Navigation

Apache Log4j Vulnerability (CVE-2021-44228)

On December 10, 2021, the Apache Software Foundation released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. 

A remote adversary could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.  

This page was created to provide you with updates and resources to help you mitigate risk and maintain operational resiliency against this cyber threat and others.