HOW TO FIX CVE-2021-42392- A CRITICAL UAUTHENTICATED RCE IN H2 DATABASE CONSOLE?

THESECMASTER

The flaw, tracked as CVE-2021-42392, has the same root cause as the Log4j vulnerability in the Apache Log4j logging utility. Let’s see how to fix CVE-2021-42392- a critical unauthenticated RCE in the H2 database console.

THESECMASTER

1. What is H2 Database?
2. What Is JNDI?
3. About the CVE-2021-42392 Vulnerability (A RCE Vulnerability in H2 Database Console):
4. H2 Database Versions Vulnerable to the CVE-2021-42392 vulnerability:
5. How to Check if the System is Vulnerable to the CVE-2021-42392 Vulnerability?
6. How to Fix CVE-2021-42392- A Critical Unauthenticated RCE in H2 Database Console?

Table of Contents :

What Is JNDI?

About the CVE-2021-42392 Vulnerability (A RCE Vulnerability in H2 Database Console):

Three Attack Vector:

1.H2 Web Console:
2.H2 Shell Tool:
3.SQL-Based Vectors: 

Tumblr

Telegram

Medium

Twitter

LinkedIn

Facebook

FOLLOW US:

THESECMASTER