Security experts are again drawing attention to a Log4Shell-style JNDI injection flaw in Java software, this time in the web console of the popular H2 Java SQL database. Log4Shell itself has been circulating for some time; the new vulnerability, tracked as CVE-2021-42392, had not yet been published in the National Vulnerability Database (NVD) at the time of writing, but researchers have already documented its effect on the H2 console.
Any organization running the H2 console on its LAN or WAN should update to H2 version 2.0.206, which closes the hole. Left unpatched, the flaw allows unauthenticated remote code execution (RCE) on the host running the console, which can in turn lead to the theft of sensitive personal data.
The bug affects Java applications that embed H2, not the Java platform itself. The H2 console lets the user of the login form supply a JDBC driver class name and a connection URL; when the "driver" is a JNDI context class such as javax.naming.InitialContext, the URL is handed to a JNDI lookup, and an attacker-supplied ldap:// or rmi:// URL makes the JVM fetch and execute code from a remote server. The reach of the problem comes from H2's popularity: it is one of the 50 most downloaded Maven packages, so the vulnerability is a significant risk for a large population of applications.
Some experts expect this flaw to be less dangerous than the original Log4Shell. For one thing, the attack surface is much narrower, so it is easier to enumerate the servers that may be affected. For another, the default settings limit exposure: most H2 distributions start the console listening on localhost only, so it is not reachable from the network unless it has been explicitly configured to accept remote connections.
This most recent vulnerability primarily affects the H2 console, and many H2 users do not run the console at all, which makes them much less likely to be affected. That said, the console is not the only code path that passes a user-controlled URL to a JNDI lookup, so there are other entry points an attacker could use. Organizations should examine how H2 is used in their own systems and confirm that no attacker-controlled input reaches it.
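The checks described above (is the H2 version below 2.0.206, is the console exposed beyond localhost, and does a console login attempt combine a JNDI context "driver" with a remote ldap:// or rmi:// URL) can be scripted. The following Python triage helper is an added example written for this page; it is not code from the H2 project or from the researchers who reported the bug. The sample pom.xml is constructed for the example, the list of remote JNDI URL schemes is an assumption that should be extended for your environment, and the driver-class check is a heuristic (any class implementing javax.naming.Context reaches the vulnerable lookup, not only InitialContext).

```python
"""Triage helpers for CVE-2021-42392 (added example, not H2 project code)."""
import re

# First H2 release that closes CVE-2021-42392.
FIXED_VERSION = (2, 0, 206)

# URL schemes that a JNDI lookup resolves against a remote naming service.
# ASSUMPTION: this covers the common providers; extend it for your environment.
REMOTE_JNDI_SCHEMES = {"ldap", "ldaps", "rmi", "iiop", "iiopname", "corbaname", "dns", "nis"}

# Constructed pom.xml fragment used as sample input (not from any real project).
SAMPLE_POM = """<project>
  <dependencies>
    <dependency>
      <groupId>com.h2database</groupId>
      <artifactId>h2</artifactId>
      <version>1.4.200</version>
    </dependency>
    <dependency>
      <groupId>org.slf4j</groupId>
      <artifactId>slf4j-api</artifactId>
      <version>1.7.32</version>
    </dependency>
  </dependencies>
</project>"""


def parse_version(version):
    """'2.0.206' -> (2, 0, 206). Older 1.4.xxx releases have the same shape."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError("unrecognised H2 version: %r" % version)
    return tuple(int(p) for p in parts)


def is_vulnerable_version(version):
    """True for any H2 release older than the fixed 2.0.206."""
    return parse_version(version) < FIXED_VERSION


def h2_versions_in_pom(pom_xml):
    """Every version declared for com.h2database:h2 in a pom.xml string.

    A regex over <dependency> blocks, not a Maven resolver: a version that is
    inherited from a parent/BOM or written as ${property} is reported as-is
    (None when absent) and must be checked by hand.
    """
    found = []
    for dep in re.findall(r"<dependency>(.*?)</dependency>", pom_xml, re.S):
        if (re.search(r"<groupId>\s*com\.h2database\s*</groupId>", dep)
                and re.search(r"<artifactId>\s*h2\s*</artifactId>", dep)):
            m = re.search(r"<version>\s*([^<\s]+)\s*</version>", dep)
            found.append(m.group(1) if m else None)
    return found


def is_remote_jndi_url(url):
    """True when the URL scheme points at a remote JNDI provider."""
    scheme, sep, _ = url.strip().partition(":")
    return bool(sep) and scheme.lower() in REMOTE_JNDI_SCHEMES


def console_login_is_suspicious(driver, url):
    """Flag a console login whose 'driver' is a JNDI context class, not a JDBC
    driver, combined with a remote JNDI URL.  A local java: name is left alone.
    ASSUMPTION: heuristic on the class-name prefix; see the lead-in."""
    return driver.strip().startswith("javax.naming.") and is_remote_jndi_url(url)


def console_reachable_from_network(java_args):
    """True when the H2 server is started with -webAllowOthers, which makes the
    console listen on all interfaces instead of localhost only."""
    return "-webAllowOthers" in java_args


def triage(version, java_args, login_attempts):
    """Combine the checks into a list of findings for one deployment."""
    findings = []
    if is_vulnerable_version(version):
        findings.append("H2 %s is older than 2.0.206: update" % version)
    if console_reachable_from_network(java_args):
        findings.append("console is exposed beyond localhost (-webAllowOthers)")
    for driver, url in login_attempts:
        if console_login_is_suspicious(driver, url):
            findings.append("suspicious console login: %s -> %s" % (driver, url))
    return findings


if __name__ == "__main__":
    for v in h2_versions_in_pom(SAMPLE_POM):
        print("pom declares h2 %s, vulnerable=%s" % (v, is_vulnerable_version(v)))
    attempts = [("org.h2.Driver", "jdbc:h2:mem:test"),
                ("javax.naming.InitialContext", "ldap://198.51.100.7:1389/a")]
    for line in triage("1.4.200", ["-web", "-webAllowOthers"], attempts):
        print(line)
```

The version check and the pom scan answer the "am I running an affected build" question; the argument check answers "is the console reachable from the network"; and the login check can be run over captured console form submissions (for example from a reverse proxy log) to spot attempts that use the JNDI vector.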