It was found that when using remote logging with the log4j socket server, the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)

A flaw exists in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows a malicious user to remotely execute arbitrary code when combined with a deserialization gadget. (CVE-2019-17571)

A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote malicious user to execute code on the server if the deployed application is configured to use JMSAppender and that configuration points to the attacker's JNDI LDAP endpoint. (CVE-2021-4104)
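A defender-side check for the three issues above, added here as an example and not code from Vulmon or the Log4j project: it scans log4j 1.x configuration or start-script text for the classes these CVEs concern (JMSAppender for CVE-2021-4104; SocketServer for CVE-2017-5645 and CVE-2019-17571, plus its sibling SimpleSocketServer in the same package, which this example assumes is launched the same way) while ignoring commented-out lines, and pulls out the JMSAppender JNDI settings so a reviewer can see which endpoint a flagged appender would bind to. The sample files, hostnames and paths are constructed for the example.

```python
import re
from typing import Dict, List, NamedTuple

# Classes behind the three CVEs described above. SimpleSocketServer is the
# sibling class in the same package, launched the same way; listing it is this
# example's own assumption, not something the page states.
RISKY_CLASSES = {
    "org.apache.log4j.net.JMSAppender": "CVE-2021-4104",
    "org.apache.log4j.net.SocketServer": "CVE-2017-5645, CVE-2019-17571",
    "org.apache.log4j.net.SimpleSocketServer": "CVE-2017-5645, CVE-2019-17571",
}

# JMSAppender settings that decide which JNDI provider the appender binds to.
JNDI_KEYS = ("InitialContextFactoryName", "ProviderURL",
             "TopicConnectionFactoryBindingName", "TopicBindingName")


class Finding(NamedTuple):
    line_no: int   # 1-based line in the scanned text
    cves: str      # CVE identifiers the class is associated with
    evidence: str  # the offending line, stripped


def _blank_xml_comments(text: str) -> str:
    """Overwrite XML comment bodies with spaces so commented-out appenders are
    ignored while line numbers stay aligned with the original file."""
    return re.sub(r"<!--.*?-->",
                  lambda m: re.sub(r"[^\n]", " ", m.group(0)),
                  text, flags=re.S)


def audit_config(text: str) -> List[Finding]:
    """Return one Finding per live (non-comment) line that names a risky class.
    Works on log4j.properties, log4j.xml and shell start scripts alike."""
    findings = []
    for no, line in enumerate(_blank_xml_comments(text).splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped[0] in "#!":  # properties/shell comment
            continue
        for cls, cves in RISKY_CLASSES.items():
            if cls in stripped:
                findings.append(Finding(no, cves, stripped))
    return findings


def jms_jndi_settings(text: str) -> Dict[str, str]:
    """Collect JMSAppender's JNDI settings (properties `key=value` lines or XML
    <param name="..." value="..."/> elements) so a reviewer can see which
    endpoint a flagged appender would connect to."""
    text = _blank_xml_comments(text)
    keys = "|".join(JNDI_KEYS)
    settings: Dict[str, str] = {}
    for m in re.finditer(rf"^[^#!\n]*\.({keys})\s*=\s*(.*?)\s*$", text, flags=re.M):
        settings[m.group(1)] = m.group(2)
    for m in re.finditer(rf'<param\s+name="({keys})"\s+value="([^"]*)"', text):
        settings[m.group(1)] = m.group(2)
    return settings


# Constructed samples (hostnames, paths and values are made up for this example).
SAMPLE_PROPERTIES = """\
# constructed sample: log4j 1.x properties file
log4j.rootLogger=INFO, file, jms
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.File=app.log
# log4j.appender.old=org.apache.log4j.net.JMSAppender
log4j.appender.jms=org.apache.log4j.net.JMSAppender
log4j.appender.jms.InitialContextFactoryName=com.sun.jndi.ldap.LdapCtxFactory
log4j.appender.jms.ProviderURL=ldap://directory.internal.example:389
log4j.appender.jms.TopicBindingName=logTopic
"""

SAMPLE_XML = """\
<?xml version="1.0"?>
<!-- constructed sample: log4j 1.x XML configuration -->
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
  <!-- <appender name="legacy" class="org.apache.log4j.net.JMSAppender"/> -->
  <appender name="jms" class="org.apache.log4j.net.JMSAppender">
    <param name="ProviderURL" value="ldap://directory.internal.example:389"/>
    <param name="TopicBindingName" value="logTopic"/>
  </appender>
  <root><level value="info"/><appender-ref ref="jms"/></root>
</log4j:configuration>
"""

SAMPLE_START_SCRIPT = """\
#!/bin/sh
# constructed sample: service start script that launches the log4j socket server
exec java -cp lib/log4j.jar org.apache.log4j.net.SocketServer 4712 conf/server.properties conf/clients
"""

if __name__ == "__main__":
    for name, text in [("log4j.properties", SAMPLE_PROPERTIES),
                       ("log4j.xml", SAMPLE_XML),
                       ("start.sh", SAMPLE_START_SCRIPT)]:
        for f in audit_config(text):
            print(f"{name}:{f.line_no}: {f.cves}: {f.evidence}")
        for key, value in jms_jndi_settings(text).items():
            print(f"{name}: JNDI {key} = {value}")
```

A hit from `audit_config` is a prompt for review, not proof of exploitability: per the CVE text above, the JMSAppender case depends on the JNDI endpoint the appender is pointed at, which is why the JNDI settings are reported alongside the finding, and the socket server case depends on whether the listening port is reachable by untrusted clients.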
| Vulnerable Product |
|---|
| apache log4j |
| debian debian linux 8.0 |
| debian debian linux 9.0 |
| debian debian linux 10.0 |
| canonical ubuntu linux 18.04 |
| opensuse leap 15.1 |
| netapp oncommand workflow automation - |
| netapp oncommand system manager |
| oracle retail service backbone 14.1 |
| oracle weblogic server 12.1.3.0.0 |
| oracle retail service backbone 15.0 |
| oracle weblogic server 10.3.6.0.0 |
| oracle weblogic server 12.2.1.3.0 |
| oracle application testing suite 13.3.0.1 |
| oracle endeca information discovery studio 3.2.0 |
| oracle weblogic server 12.2.1.4.0 |
| oracle weblogic server 14.1.1.0.0 |
| oracle rapid planning 12.1 |
| oracle rapid planning 12.2 |
| oracle financial services lending and leasing |
| oracle financial services lending and leasing 12.5.0 |
| oracle communications network integrity |
| oracle primavera gateway |
| oracle retail service backbone 16.0 |
| oracle retail extract transform and load 19.0 |
| oracle mysql enterprise monitor |
| apache bookkeeper |