Vulnerability CVE-2017-5645


Published: 2017-04-17

Description:
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Apache Log4j socket receiver deserialization vulnerability
Telstra
18.04.2017

Type:

CWE-502

(Deserialization of Untrusted Data)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Redhat -> Enterprise linux 
Redhat -> Enterprise linux desktop 
Redhat -> Enterprise linux server 
Redhat -> Enterprise linux server aus 
Redhat -> Enterprise linux server eus 
Redhat -> Enterprise linux server tus 
Redhat -> Enterprise linux workstation 
Oracle -> Enterprise data quality 
Oracle -> Insurance calculation engine 
Oracle -> Tape library acsls 
Oracle -> Enterprise manager base platform 
Oracle -> Insurance policy administration 
Oracle -> Utilities work and asset management 
Oracle -> Enterprise manager for fusion middleware 
Oracle -> Insurance rules palette 
Oracle -> Enterprise manager for mysql database 
Oracle -> Jd edwards enterpriseone tools 
Oracle -> Enterprise manager for oracle database 
Oracle -> Jdeveloper 
Oracle -> Enterprise manager for peoplesoft 
Oracle -> Peoplesoft enterprise fin install 
Oracle -> Financial services analytical applications infrastructure 
Oracle -> Policy automation 
Oracle -> Api gateway 
Oracle -> Financial services behavior detection platform 
Oracle -> Policy automation connector for siebel 
Oracle -> Autovue vuelink integration 
Oracle -> Financial services hedge management and ifrs valuations 
Oracle -> Policy automation for mobile devices 
Oracle -> Banking platform 
Oracle -> Financial services loan loss forecasting and provisioning 
Oracle -> Retail clearance optimization engine 
Oracle -> Communications messaging server 
Oracle -> Bi publisher 
Oracle -> Financial services profitability management 
Oracle -> Retail extract transform and load 
Oracle -> Mysql enterprise monitor 
Oracle -> Communications converged application server - service controller 
Oracle -> Flexcube investor servicing 
Oracle -> Retail integration bus 
Oracle -> Communications online mediation controller 
Oracle -> Fusion middleware mapviewer 
Oracle -> Retail open commerce platform 
Oracle -> Communications pricing design center 
Oracle -> Goldengate application adapters 
Oracle -> Retail predictive application server 
Oracle -> Communications service broker 
Oracle -> Identity analytics 
Oracle -> Siebel ui framework 
Oracle -> Configuration manager 
Oracle -> Identity management suite 
Oracle -> Soa suite 
Netapp -> Oncommand api services 
Netapp -> Oncommand insight 
Netapp -> Oncommand workflow automation 
Netapp -> Service level manager 
Netapp -> Snapcenter 
Netapp -> Storage automation store 
Apache -> Log4j 

 References:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/97702
http://www.securitytracker.com/id/1040200
http://www.securitytracker.com/id/1041294
https://access.redhat.com/errata/RHSA-2017:1417
https://access.redhat.com/errata/RHSA-2017:1801
https://access.redhat.com/errata/RHSA-2017:1802
https://access.redhat.com/errata/RHSA-2017:2423
https://access.redhat.com/errata/RHSA-2017:2633
https://access.redhat.com/errata/RHSA-2017:2635
https://access.redhat.com/errata/RHSA-2017:2636
https://access.redhat.com/errata/RHSA-2017:2637
https://access.redhat.com/errata/RHSA-2017:2638
https://access.redhat.com/errata/RHSA-2017:2808
https://access.redhat.com/errata/RHSA-2017:2809
https://access.redhat.com/errata/RHSA-2017:2810
https://access.redhat.com/errata/RHSA-2017:2811
https://access.redhat.com/errata/RHSA-2017:2888
https://access.redhat.com/errata/RHSA-2017:2889
https://access.redhat.com/errata/RHSA-2017:3244
https://access.redhat.com/errata/RHSA-2017:3399
https://access.redhat.com/errata/RHSA-2017:3400
https://access.redhat.com/errata/RHSA-2019:1545
https://issues.apache.org/jira/browse/LOG4J2-1863
https://security.netapp.com/advisory/ntap-20180726-0002/
https://security.netapp.com/advisory/ntap-20181107-0002/
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Copyright 2020, cxsecurity.com

 

Back to Top