LeakIX report : reuters.com

Creation
Validation
Communication & fix
Disclosure

reuters.com / Server vulnerable to Log4J CVE-2021-44228

Deleted user reported 2021-12-11

Server vulnerable to Log4J CVE-2021-44228. The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP:

3.212.188.38

Port:

443

Detected protocol:

https

Vulnerable URL:

https://3.212.188.38

Received reply after a Log4j payload from this host
Orignal request was to 34.225.60.178

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a4f7269676e616c20726571756573742077617320746f2033342e3232352e36302e3137380a

Found by Log4JOpportunistic 2021-12-10

Report created by

deleted-user 2021-12-11

Report approved by

deleted-user 2021-12-11

New PDF report generated by system 2021-12-11

Report dispatched to ...@... by system 2021-12-11

Report comment dispatched to BloodyShell by system 2021-12-11

Report comment dispatched to iampritam by system 2021-12-11

Report comment dispatched to zythop by system 2021-12-11

Report comment dispatched to fokoil by system 2021-12-11

Report comment dispatched to thLambda by system 2021-12-11

Report comment dispatched to BloodyShell by system 2021-12-11

Report comment dispatched to iampritam by system 2021-12-11

Report comment dispatched to zythop by system 2021-12-11

Report comment dispatched to fokoil by system 2021-12-11

Report comment dispatched to thLambda by system 2021-12-11

Report edited by

deleted-user 2022-01-06

New PDF report generated by system 2022-01-06

Information

Owner reuters.com

Created 2021-12-11 08:15

Updated 2022-01-06 16:18

Fixed false

Contacts

p...@thomsonreuters.com

s...@us-cert.gov

Status

Status closed

Hosting contacted false

CERT contacted false

Download report