Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2021-44228 is a critical severity vulnerability with a CVSS score of 10.0. Exploits are available; patches have been released and should be applied urgently.
Key Points
1Critical severity (CVSS 10.0/10)
2EPSS: 94.00% - very high likelihood of exploitation
Very high probability of exploitation in the next 30 days
Immediate patching required
94.00%
EPSS
10.0
CVSS
Yes
Exploit
Yes
Patch
Critical Priority
high EPSS • exploit exists • critical severity
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
Description
Multiple Atlassian products use the third-party Log4j library, which is vulnerable toCVE-2021-44228:
CISA: Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
Paloaltonetworks: Apache Log4j Java library is vulnerable to a remote code execution vulnerability CVE-2021-44228, known as Log4Shell, and related vulnerabilities CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832. Log4Shell allows remote unauthenticated attackers with the ability to inject text into log messages to execute arbitrary code loaded from malicious servers with the privileges of the process utilizing Log4j.
These products and services are not affected by Log4Shell: Bridgecrew, Cortex Data Lake, Cortex XDR agents, Cortex XSOAR, Cortex Xpanse, Enterprise Data Loss Prevention (DLP), Expedition, the GlobalProtect app, IoT Security, Okyo Garde, PAN-DB Private Cloud, PAN-OS software running on firewalls including VM and CN series, Prisma Access, Prisma Cloud, Prisma Cloud Compute, Prisma SD-WAN (CloudGenix), SaaS Security, Traps, User-ID Agent, WildFire Appliance (WF-500), and WildFire Cloud.
We have determined that some configurations of Panorama appliances with PAN-OS 9.0, PAN-OS 9.1, and PAN-OS 10.0 are impacted by CVE-2021-44228 and CVE-2021-45046 through the use of Elasticsearch. Fixes were released on December 20, 2021 to address both vulnerabilities on impacted PAN-OS versions. Panorama appliances are not impacted by CVE-2021-45105 and CVE-2021-44832.
NOTE: PAN-OS 8.1 and PAN-OS 10.1 versions for Panorama are not impacted by these issues. All versions of PAN-OS for firewalls and WildFire appliances are not affected.
These vulnerabilities impact Exact Data Matching (EDM) CLI application versions 1.0 - 2.0 provided by Enterprise Data Loss Prevention (DLP). Enterprise DLP is not affected by these issues.
The Palo Alto Networks Product Security Assurance team has completed evaluation of all products and services for these vulnerabilities. All cloud services with known possible impact have been remediated.
At this time, our guidance and criteria for impacted Panorama appliances remain the same for all related vulnerabilities. The Exact Data Matching (EDM) CLI application should now be upgraded to EDM CLI version 2.1 or later versions.
Threat Intelligence
Tags
EXPLOIT-DB:50592EXPLOIT-DB:51183EXPLOIT-DB:50590
Cite This Page
APA Format
Strobes VI. (2026). CVE-2021-44228 - CVE Details and Analysis. Strobes VI. Retrieved April 1, 2026, from https://vi.strobes.co/cve/CVE-2021-44228
Quick copy link + title
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.