The two Log4Shell rules below are designed to detect the log4j2 exploit. The rules use an experimental feature not fully supported by ESET Inspect, so detection may not work each time. For example, if a detection has already been reported on the network layer, ESET Inspect will not detect the exploit again. ESET recommends executing the two rules below as a task using the Rerun task option.
The two rules below are for the general exploitation of Java Runtime, for example, CVE-2021-44228. These general rules may generate some false positives for legitimate Java applications.