CVE advisoryCRITICAL
CVE-2022-23305
Log4j allows attackers to run unauthorized commands by exploiting a specific logging feature.
Halo Surface Signal: 3 out of 5 — possibly public-facing.
An external attacker can exploit a Log4j vulnerability to execute unauthorized SQL commands, potentially stealing or altering sensitive business data. This matters because it could lead to unauthorized access or compromise the integrity of your company's information.