Hot Patches for Log4Shell Introduced Multiple...

Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services

On April 19, researchers with Palo Alto’s Unit 42 disclosed four vulnerabilities introduced by the hot patches for Amazon Web Services (AWS) in response to CVE-2021-44228, also known as Log4Shell.

CVE-2021-3100: Apache Log4j Hot Patch Service Execution with Unnecessary Privileges Vulnerability
CVE-2021-3101: Hotdog Hot Patch Solution Execution with Unnecessary Privileges Vulnerability
CVE-2022-0070: Apache Log4j Hotpatch Service Execution with Unnecessary Privileges Vulnerability
CVE-2022-0071: Hotdog Hot Patch Solution Execution with Unnecessary Privileges Vulnerability

These issues can be exploited by “every container in [the hot patched] environment” to achieve container escape and host takeover. The vulnerabilities also allow unprivileged processes to escalate privileges and gain code execution with root privileges. The vulnerabilities are not configuration-dependent, they can be exploited in most AWS environments.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Vulnerability Watch

Forum Discussion

Hot Patches for Log4Shell Introduced Multiple...

Recent Discussions

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

Americas

Europe

Asia / Australia