{"id":6708,"date":"2021-12-16T19:44:31","date_gmt":"2021-12-16T22:44:31","guid":{"rendered":"https:\/\/www.certisur.com\/?page_id=6708"},"modified":"2023-05-02T17:00:03","modified_gmt":"2023-05-02T20:00:03","slug":"security-bulletin-vulnerability-analysis-ddc-ad","status":"publish","type":"page","link":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/","title":{"rendered":"Security Bulletin: Vulnerability analysis &#8211; DDC\/AD"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"6708\" class=\"elementor elementor-6708 elementor-6707\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cc9c265 cs-elementor-noticia-header elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cc9c265\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-07d5b79\" data-id=\"07d5b79\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-977de0b elementor-widget elementor-widget-heading\" data-id=\"977de0b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Security Bulletin: Vulnerability analysis &#8211; DDC\/AD<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fdd2c6d elementor-widget elementor-widget-text-editor\" data-id=\"fdd2c6d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>CertiSur response to Log4j vulnerability<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6251c41 cs-elementor-noticia-header-date elementor-widget elementor-widget-text-editor\" data-id=\"6251c41\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t16 December, 2021\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b4f404f elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"b4f404f\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4e935f14 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4e935f14\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2d9d657e\" data-id=\"2d9d657e\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-000aba1 elementor-widget elementor-widget-text-editor\" data-id=\"000aba1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2>CVE-2021-44228<\/h2>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4da79b6 elementor-widget elementor-widget-text-editor\" data-id=\"4da79b6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>Description \/ Impact<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1c0eed4 elementor-widget elementor-widget-text-editor\" data-id=\"1c0eed4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The threat, also named Log4Shell or LogJam, is a Remote Code Execution (RCE) class vulnerability. If an attacker manages to exploit it on a vulnerable server, they gain the ability to execute arbitrary code and potentially take full control of the system.<\/p>\n<p>A wider description of the problem can be found in: <a href=\"https:\/\/www.lunasec.io\/docs\/blog\/log4j-zero-day\/\">https:\/\/www.lunasec.io\/docs\/blog\/log4j-zero-day\/<\/a><\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1cfdec8 elementor-widget elementor-widget-text-editor\" data-id=\"1cfdec8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>Product Versions<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8cd37c4 elementor-widget elementor-widget-text-editor\" data-id=\"8cd37c4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>This analysis covers two different products: Alison-Desktop and DigiCert Desktop Client. We have evaluated the last most distributed versions of both products.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cb92be2 elementor-widget elementor-widget-image\" data-id=\"cb92be2\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"458\" height=\"183\" src=\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg\" class=\"attachment-large size-large wp-image-6716\" alt=\"log4j\" srcset=\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg 458w, https:\/\/www.certisur.com\/wp-content\/uploads\/log4j-300x120.jpg 300w\" sizes=\"(max-width: 458px) 100vw, 458px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-25255f9 elementor-widget elementor-widget-text-editor\" data-id=\"25255f9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>Vulnerability CVE-2021-44228<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-716e3ac elementor-widget elementor-widget-text-editor\" data-id=\"716e3ac\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>AD and DDC use a log4j version 1.x. This version is still very widely deployed, maybe several times more widely than version 2.x.<\/p>\n<p><strong>log4j 1.x does not offer a JNDI lookup mechanism at the message level, it does not suffer from CVE-2021-44228.<\/strong><\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3b708dc elementor-widget elementor-widget-text-editor\" data-id=\"3b708dc\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>Another related vulnerability<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9d8f928 elementor-widget elementor-widget-text-editor\" data-id=\"9d8f928\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>CVE-2021-4104 <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2021-4104\">https:\/\/access.redhat.com\/security\/cve\/CVE-2021-4104<\/a><\/li>\n<\/ul>\n<p>We have done additional analysis on this fork and confirmed a new but similar vulnerability that can only be exploited by a trusted party. That vulnerability, related to JMSAppender, should require some special conditions to be exploited in any application. Specifically, any products that use Log4j 1.x are only affected if all of the following non-default configurations are in place:<\/p>\n<ul>\n<li>The JMS Appender is configured in the application\u2019s Log4j configuration<\/li>\n<li>The javax.jms API is included in the application\u2019s CLASSPATH<\/li>\n<li>The JMS Appender has been configured with a JNDI lookup to a third party. Note: this can only be done by a trusted user modifying the application\u2019s configuration, or by trusted code setting a property at runtime .<\/li>\n<\/ul>\n<p><strong>AD and DDC don\u2019t use an external application Log4j configuration file to be modified by an poisoning external application, and the default configuration doesn\u2019t enable JMSAppender.<\/strong><\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-00cf68e elementor-widget elementor-widget-text-editor\" data-id=\"00cf68e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>Recomended Action<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b23c0ef elementor-widget elementor-widget-text-editor\" data-id=\"b23c0ef\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Previous or Release Candidate versions of DigiCert Desktop Client (DDC) and Alison Desktop (AD) could include the log4j package in their distribution, but thanks to the version of the Java Virtual machine embedded in the aforementioned products and its configuration, the exploit of this vulnerability could not be achieved. However, and in case of any doubt we recommend the upgrade to DigiCert Desktop Client and Alison Desktop last versions on any branch that you are using.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6b40531 elementor-widget elementor-widget-text-editor\" data-id=\"6b40531\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>CertiSur support can be contacted using our standard methods:<\/p>\n<p>Email: support@certisur.com<\/p>\n<p>Phone: https:\/\/www.certisur.com\/en\/contact-us\/<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-15cbcb3 elementor-widget elementor-widget-text-editor\" data-id=\"15cbcb3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u00a9 Copyright 2021 CertiSur S.A. All rights reserved.<\/p>\n<p>CertiSur is a trademark or a registered trademark of CertiSur S. A. in Argentina and certain countries. All other company and product names and logos are trademarks or registered trademarks of their respective owners in certain countries.<\/p>\n<p>Given the very nature of security vulnerabilities, security bulletins are intended to be kept to a small group of individuals. Security bulletins are to be distributed within your company only, and only on a need to know basis.<\/p>\n<p>The information is provided \u201cas is\u201d by CertiSur without any representations, conditions and\/or warranties of any kind, whether express, implied, statutory, by usage of trade, or otherwise. CertiSur specifically disclaims any and all representations, conditions, and\/or warranties of merchantability, satisfactory quality, and\/or fitness for a particular purpose. To the maximum extent permitted by applicable law, in no event will CertiSur be liable for any damages, losses or costs arising from your or any third party actions or omissions in connection with this bulletin. The only representations, conditions and\/or warranties that may be applicable to any CertiSur products that you may have are those contained in the agreement pursuant to which you obtained a license for those CertiSur products.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>CertiSur response to Log4j vulnerability CVE-2021-44228 Description \/ Impact The threat, also named Log4Shell or LogJam, is a Remote Code Execution (RCE) class vulnerability. If an attacker manages to exploit it on a vulnerable server, they gain the ability to execute arbitrary code and potentially take full control of the system. A wider description of [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"parent":4975,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[69],"class_list":["post-6708","page","type-page","status-publish","hentry","category-news"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CertiSur<\/title>\n<meta name=\"description\" content=\"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Bulletin: Vulnerability analysis - DDC\/AD - CertiSur\" \/>\n<meta property=\"og:description\" content=\"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/\" \/>\n<meta property=\"og:site_name\" content=\"CertiSur\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CertiSur\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-02T20:00:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CertiSur\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/\",\"url\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/\",\"name\":\"Security Bulletin: Vulnerability analysis - DDC\/AD - CertiSur\",\"isPartOf\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg\",\"datePublished\":\"2021-12-16T22:44:31+00:00\",\"dateModified\":\"2023-05-02T20:00:03+00:00\",\"description\":\"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage\",\"url\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg\",\"contentUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"News\",\"item\":\"https:\/\/www.certisur.com\/en\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Bulletin: Vulnerability analysis &#8211; DDC\/AD\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.certisur.com\/en\/#website\",\"url\":\"https:\/\/www.certisur.com\/en\/\",\"name\":\"CertiSur\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.certisur.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.certisur.com\/en\/#organization\",\"name\":\"CertiSur\",\"url\":\"https:\/\/www.certisur.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png\",\"contentUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png\",\"width\":3075,\"height\":2483,\"caption\":\"CertiSur\"},\"image\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/CertiSur\",\"https:\/\/x.com\/CertiSur\",\"https:\/\/www.youtube.com\/c\/TecnologaCertiSur\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CertiSur","description":"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/","og_locale":"en_US","og_type":"article","og_title":"Security Bulletin: Vulnerability analysis - DDC\/AD - CertiSur","og_description":"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.","og_url":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/","og_site_name":"CertiSur","article_publisher":"https:\/\/www.facebook.com\/CertiSur","article_modified_time":"2023-05-02T20:00:03+00:00","og_image":[{"url":"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_site":"@CertiSur","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/","url":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/","name":"Security Bulletin: Vulnerability analysis - DDC\/AD - CertiSur","isPartOf":{"@id":"https:\/\/www.certisur.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage"},"image":{"@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage"},"thumbnailUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg","datePublished":"2021-12-16T22:44:31+00:00","dateModified":"2023-05-02T20:00:03+00:00","description":"Security Bulletin: Vulnerability analysis - DDC\/AD Log4Shell, or LogJam, is a remote code execution class vulnerability.","breadcrumb":{"@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#primaryimage","url":"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg","contentUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/log4j.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.certisur.com\/en\/news\/security-bulletin-vulnerability-analysis-ddc-ad\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"News","item":"https:\/\/www.certisur.com\/en\/news\/"},{"@type":"ListItem","position":2,"name":"Security Bulletin: Vulnerability analysis &#8211; DDC\/AD"}]},{"@type":"WebSite","@id":"https:\/\/www.certisur.com\/en\/#website","url":"https:\/\/www.certisur.com\/en\/","name":"CertiSur","description":"","publisher":{"@id":"https:\/\/www.certisur.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.certisur.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.certisur.com\/en\/#organization","name":"CertiSur","url":"https:\/\/www.certisur.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png","contentUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png","width":3075,"height":2483,"caption":"CertiSur"},"image":{"@id":"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/CertiSur","https:\/\/x.com\/CertiSur","https:\/\/www.youtube.com\/c\/TecnologaCertiSur"]}]}},"_links":{"self":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/6708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/comments?post=6708"}],"version-history":[{"count":0,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/6708\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/4975"}],"wp:attachment":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/media?parent=6708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/categories?post=6708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}