Log4Shell (CVE-2021-44228): Remote Code Execution in Every Java Application

On December 9, 2021, a security researcher disclosed a critical remote code execution vulnerability in Apache Log4j 2, a Java logging library embedded in thousands of enterprise applications worldwide.

Threat IntelligenceVSDVulnerabilityTIDThreatSPHSecurityIntermediateCONFIDENTIAL2,130 words9 min readApr 7, 2026

Last updated Apr 11, 2026

CLASSIFICATION: CONFIDENTIAL

This article requires CONFIDENTIAL clearance or higher.

What you need

Create a free Nexus ID to access CDA proprietary content including PDM domain explainers, methodology deep-dives, and reconnaissance mission briefings.

Create Nexus ID (Free)

Also at this clearance level

Threat IntelligenceTIDThreatIntermediate

Table of Contents

Log4Shell (CVE-2021-44228): Remote Code Execution in Every Java Application

What you need

Also at this clearance level

APT28 (Fancy Bear / Forest Blizzard)

Lazarus Group (HIDDEN COBRA / Diamond Sleet)

Salt Typhoon

Single Sign-On (SSO) Architecture

The Armory