HOW TO FIX CVE-2021-42392- A CRITICAL UAUTHENTICATED RCE IN H2 DATABASE CONSOLE?
The flaw, tracked as CVE-2021-42392, has the same root cause as the Log4j vulnerability in the Apache Log4j logging utility. Let’s see how to fix CVE-2021-42392- a critical unauthenticated RCE in the H2 database console.
1. What is H2 Database?
2. What Is JNDI?
3. About the CVE-2021-42392 Vulnerability (A RCE Vulnerability in H2 Database Console):
4. H2 Database Versions Vulnerable to the CVE-2021-42392 vulnerability:
5. How to Check if the System is Vulnerable to the CVE-2021-42392 Vulnerability?
6. How to Fix CVE-2021-42392- A Critical Unauthenticated RCE in H2 Database Console?
Table of Contents :
What Is JNDI?
About the CVE-2021-42392 Vulnerability (A RCE Vulnerability in H2 Database Console):
Three Attack Vector:
1.H2 Web Console:
2.H2 Shell Tool: