Bentley Synchro 4D vulnerabilities

1 known vulnerability affecting bentley/synchro_4d.

Total CVEs
1
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1

Vulnerabilities

Page 1 of 1
CVE-2021-44228CRITICALCVSS 10.0KEVPoCfixed in 6.4.3.22021-12-10
CVE-2021-44228 [CRITICAL] CWE-20 CVE-2021-44228: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LD
nvd