Log4j Vulnerability didn’t detection

A Nessus scan detected a Log4j vulnerability.
I tried to detect the same vulnerability through GVM, but they didn’t detect it.

The log4j-detect detected too.

The Target is authenticating with root, to scan all directories.

All libraries are used by applications. I copied them to /root/log4j_lib for easy detection.

Problem solved.
By default, the QoD is 70%, I changed it to 1% to see all the results, and the Log4j vulnerability appears.

2 Likes