Vulnerability CVE-2021-44228


Published: 2021-12-10

Description:
Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0, this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

See advisories in our WLB2 database:
Topic
Author
Date
High
Log4j2 Remote Code Execution PoC
唐小风
10.12.2021
High
Apache Log4j 2 Remote Code Execution (Py)
kozmer, z9fr, sv...
14.12.2021
High
Apache Log4j2 2.14.1 Information Disclosure
leonjza
16.12.2021
High
Log4Shell HTTP Header Injection
sinn3r
12.01.2022

Type:

CWE-502

(Deserialization of Untrusted Data)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Sonicwall -> Email security 
Siemens -> Mindsphere 
Siemens -> Spectrum power 7 
Siemens -> Navigator 
Siemens -> Teamcenter 
Siemens -> Captial 
Siemens -> NX 
Siemens -> Vesys 
Siemens -> Comos 
Siemens -> Opcenter intelligence 
Siemens -> Xpedition enterprise 
Siemens -> Desigo cc advanced reports 
Siemens -> Operation scheduler 
Siemens -> Xpedition package integrator 
Siemens -> Desigo cc info center 
Siemens -> Sentron powermanager 
Siemens -> E-car operation center 
Siemens -> Siguard dsa 
Siemens -> Energy engage 
Siemens -> Sipass integrated 
Siemens -> Energyip 
Siemens -> Siveillance command 
Siemens -> Energyip prepay 
Siemens -> Siveillance control pro 
Siemens -> Gma-manager 
Siemens -> Siveillance identity 
Siemens -> Head-end system universal device integration system 
Siemens -> Siveillance vantage 
Siemens -> Industrial edge management 
Siemens -> Siveillance viewpoint 
Siemens -> Industrial edge management hub 
Siemens -> Solid edge cam pro 
Siemens -> Logo\! soft comfort 
Siemens -> Solid edge harness design 
Siemens -> Mendix 
Siemens -> Spectrum power 4 
Netapp -> Active iq unified manager 
Netapp -> Cloud insights 
Netapp -> Cloud manager 
Netapp -> Cloud secure agent 
Netapp -> Oncommand insight 
Netapp -> Ontap tools 
Netapp -> Snapcenter 
Intel -> Audio development kit 
Intel -> Computer vision annotation tool 
Intel -> Data center manager 
Intel -> Genomics kernel library 
Intel -> Oneapi sample browser 
Intel -> Secure device onboard 
Intel -> Sensor solution firmware development kit 
Intel -> System debugger 
Intel -> System studio 
Fedoraproject -> Fedora 
Debian -> Debian linux 
Cisco -> Enterprise chat and email 
Cisco -> Sd-wan vmanage 
Cisco -> Workload optimization manager 
Cisco -> Cloudcenter workload manager 
Cisco -> Evolved programmable network manager 
Cisco -> Smart phy 
Cisco -> Unified intelligence center 
Cisco -> Common services platform collector 
Cisco -> Finesse 
Cisco -> Ucs central 
Cisco -> Unified sip proxy 
Cisco -> Connected mobile experiences 
Cisco -> Fog director 
Cisco -> Ucs director 
Cisco -> Unified workforce optimization 
Cisco -> Contact center domain manager 
Cisco -> Identity services engine 
Cisco -> Unified communications manager 
Cisco -> Contact center management portal 
Cisco -> Integrated management controller supervisor 
Cisco -> Unified communications manager im and presence service 
Cisco -> Crosswork data gateway 
Cisco -> Intersight virtual appliance 
Cisco -> Unified contact center enterprise 
Cisco -> Crosswork network controller 
Cisco -> Iot operations dashboard 
Cisco -> Unified contact center express 
Cisco -> Crosswork optimization engine 
Cisco -> Network assurance engine 
Cisco -> Unified customer voice portal 
Cisco -> Advanced malware protection virtual private cloud appliance 
Cisco -> Crosswork platform infrastructure 
Cisco -> Network services orchestrator 
Cisco -> Unity connection 
Cisco -> Automated subsea tuning 
Cisco -> Crosswork zero touch provisioning 
Cisco -> Nexus dashboard 
Cisco -> Video surveillance operations manager 
Cisco -> Broadworks 
Cisco -> Customer experience cloud agent 
Cisco -> Nexus insights 
Cisco -> Virtual topology system 
Cisco -> Business process automation 
Cisco -> Cyber vision sensor management extension 
Cisco -> Optical network controller 
Cisco -> Virtualized infrastructure manager 

 References:
https://logging.apache.org/log4j/2.x/security.html
http://www.openwall.com/lists/oss-security/2021/12/10/1
http://www.openwall.com/lists/oss-security/2021/12/10/2
http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
https://security.netapp.com/advisory/ntap-20211210-0007/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
http://www.openwall.com/lists/oss-security/2021/12/10/3
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/
http://www.openwall.com/lists/oss-security/2021/12/13/1
http://www.openwall.com/lists/oss-security/2021/12/13/2
https://twitter.com/kurtseifried/status/1469345530182455296
https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html
https://www.debian.org/security/2021/dsa-5020
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html
http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html
http://www.openwall.com/lists/oss-security/2021/12/14/4
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html
https://www.kb.cert.org/vuls/id/930724
http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html
http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html
http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html
http://www.openwall.com/lists/oss-security/2021/12/15/3
https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Copyright 2022, cxsecurity.com

 

Back to Top