On the plus side, only instances with non-standard not recommended configurations are vulnerable. On the downside, those configurations aren’t easy to track down, and it’s easy as pie to exploit.
Posts tagged "Database"
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.
Threatpost
McDonald’s Email Blast Includes Password to Monopoly Game Database
Usernames, passwords for database sent in prize redemption emails.
Threatpost