It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data, when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC), to craft malicious input data using a JNDI Lookup pattern, resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
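The description above ties exposure to two conditions: a PatternLayout that pulls Thread Context Map data into the log line (`%X`, `%mdc`, `%MDC` or a `${ctx:...}` lookup) and a Log4j build older than the fixed releases (2.16.0, or 2.12.2 on the Java 7 branch). The following Python check is an added example, not part of the CVE record, that scans a log4j2 XML configuration for those patterns and combines the result with a version check; the sample configuration and version strings are constructed for the example.

```python
import re
import xml.etree.ElementTree as ET
from typing import Dict, List

# Conversion words the advisory names that copy Thread Context Map (MDC) data
# into the log line (%X, %mdc, %MDC), plus the Context Lookup form ${ctx:...};
# the deferred $${ctx:...} spelling used in XML configs matches as well.
MDC_PATTERN = re.compile(r"%(?:X|mdc|MDC)\b|\$\{ctx:")

# Constructed sample config: a plain layout beside one using both MDC forms.
SAMPLE_CONFIG = """<Configuration status="WARN">
  <Appenders>
    <Console name="Safe" target="SYSTEM_OUT">
      <PatternLayout pattern="%d{ISO8601} %-5p [%t] %c - %m%n"/>
    </Console>
    <Console name="Risky" target="SYSTEM_OUT">
      <PatternLayout pattern="%d{ISO8601} user=$${ctx:loginId} %X{requestId} %m%n"/>
    </Console>
  </Appenders>
  <Loggers><Root level="info"><AppenderRef ref="Risky"/></Root></Loggers>
</Configuration>"""

def exposed_patterns(config_xml: str) -> List[str]:
    """Return every PatternLayout pattern in a log4j2 XML config that references MDC data."""
    hits = []
    for layout in ET.fromstring(config_xml).iter("PatternLayout"):
        pattern = layout.get("pattern")
        if pattern is None:  # the pattern may be a child <Pattern> element instead
            child = layout.find("Pattern")
            pattern = child.text if child is not None else None
        if pattern and MDC_PATTERN.search(pattern):
            hits.append(pattern)
    return hits

def version_fixed(version: str) -> bool:
    """True when a Log4j 2.x version is at or past the fixed releases the advisory
    names: 2.16.0, or 2.12.2 on the Java 7 branch. Other 2.x lines are reported
    as unfixed, so a hit there is a prompt to verify, not a verdict."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m or int(m.group(1)) != 2:
        raise ValueError(f"only Log4j 2.x versions are covered: {version!r}")
    minor, patch = int(m.group(2)), int(m.group(3) or 0)
    return patch >= 2 if minor == 12 else minor >= 16

def assess(config_xml: str, version: str) -> Dict[str, object]:
    """Exposure needs both conditions: an MDC-bearing pattern and an unfixed version."""
    hits = exposed_patterns(config_xml)
    fixed = version_fixed(version)
    return {"version": version, "fixed": fixed,
            "mdc_patterns": hits, "exposed": bool(hits) and not fixed}

if __name__ == "__main__":
    for v in ("2.15.0", "2.12.1", "2.12.2", "2.16.0"):
        print(v, assess(SAMPLE_CONFIG, v))
```

A pattern hit on an unfixed version is the condition to act on; a hit on 2.16.0 or later is reported but not flagged, since those releases no longer resolve lookups in MDC data.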
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

| Metric | Value |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | HIGH |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |

CVSS v2 vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

| Metric | Value |
|---|---|
| Access Vector | NETWORK |
| Access Complexity | HIGH |
| Authentication | NONE |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary | CWE-917 |
| [email protected] | Primary | CWE-917 |
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| apache | log4j | * | * | Application |
| apache | log4j | * | * | Application |
| apache | log4j | 2.0 | - | Application |
| apache | log4j | 2.0 | beta9 | Application |
| apache | log4j | 2.0 | rc1 | Application |
| apache | log4j | 2.0 | rc2 | Application |
| cvat | computer_vision_annotation_tool | - | * | Application |
| intel | audio_development_kit | - | * | Application |
| intel | datacenter_manager | - | * | Application |
| intel | genomics_kernel_library | - | * | Application |
| intel | oneapi | - | * | Application |
| intel | secure_device_onboard | - | * | Application |
| intel | sensor_solution_firmware_development_kit | - | * | Application |
| intel | system_debugger | - | * | Application |
| intel | system_studio | - | * | Application |
| siemens | sppa-t3000_ses3000_firmware | * | * | Operating System |
| siemens | captial | * | * | Application |
| siemens | captial | 2019.1 | - | Application |
| siemens | captial | 2019.1 | sp1912 | Application |
| siemens | comos | * | * | Application |
| siemens | desigo_cc_advanced_reports | 4.0 | * | Application |
| siemens | desigo_cc_advanced_reports | 4.1 | * | Application |
| siemens | desigo_cc_advanced_reports | 4.2 | * | Application |
| siemens | desigo_cc_advanced_reports | 5.0 | * | Application |
| siemens | desigo_cc_advanced_reports | 5.1 | * | Application |
| siemens | desigo_cc_info_center | 5.0 | * | Application |
| siemens | desigo_cc_info_center | 5.1 | * | Application |
| siemens | e-car_operation_center | * | * | Application |
| siemens | energy_engage | 3.1 | * | Application |
| siemens | energyip | 8.5 | * | Application |
| siemens | energyip | 8.6 | * | Application |
| siemens | energyip | 8.7 | * | Application |
| siemens | energyip | 9.0 | * | Application |
| siemens | energyip_prepay | 3.7 | * | Application |
| siemens | energyip_prepay | 3.8 | * | Application |
| siemens | gma-manager | * | * | Application |
| siemens | head-end_system_universal_device_integration_system | * | * | Application |
| siemens | industrial_edge_management | * | * | Application |
| siemens | industrial_edge_management_hub | * | * | Application |
| siemens | logo\!_soft_comfort | * | * | Application |
| siemens | mendix | * | * | Application |
| siemens | mindsphere | * | * | Application |
| siemens | navigator | * | * | Application |
| siemens | nx | * | * | Application |
| siemens | opcenter_intelligence | * | * | Application |
| siemens | operation_scheduler | * | * | Application |
| siemens | sentron_powermanager | 4.1 | * | Application |
| siemens | sentron_powermanager | 4.2 | * | Application |
| siemens | siguard_dsa | 4.2 | * | Application |
| siemens | siguard_dsa | 4.3 | * | Application |
| siemens | siguard_dsa | 4.4 | * | Application |
| siemens | sipass_integrated | 2.80 | * | Application |
| siemens | sipass_integrated | 2.85 | * | Application |
| siemens | siveillance_command | * | * | Application |
| siemens | siveillance_control_pro | * | * | Application |
| siemens | siveillance_identity | 1.5 | * | Application |
| siemens | siveillance_identity | 1.6 | * | Application |
| siemens | siveillance_vantage | * | * | Application |
| siemens | siveillance_viewpoint | * | * | Application |
| siemens | solid_edge_cam_pro | * | * | Application |
| siemens | solid_edge_harness_design | * | * | Application |
| siemens | solid_edge_harness_design | 2020 | * | Application |
| siemens | solid_edge_harness_design | 2020 | - | Application |
| siemens | solid_edge_harness_design | 2020 | sp2002 | Application |
| siemens | spectrum_power_4 | * | * | Application |
| siemens | spectrum_power_4 | 4.70 | - | Application |
| siemens | spectrum_power_4 | 4.70 | sp7 | Application |
| siemens | spectrum_power_4 | 4.70 | sp8 | Application |
| siemens | spectrum_power_7 | * | * | Application |
| siemens | spectrum_power_7 | 2.30 | * | Application |
| siemens | spectrum_power_7 | 2.30 | - | Application |
| siemens | spectrum_power_7 | 2.30 | sp2 | Application |
| siemens | teamcenter | * | * | Application |
| siemens | tracealertserverplus | * | * | Application |
| siemens | vesys | * | * | Application |
| siemens | vesys | 2019.1 | * | Application |
| siemens | vesys | 2019.1 | - | Application |
| siemens | vesys | 2019.1 | sp1912 | Application |
| siemens | xpedition_enterprise | - | * | Application |
| siemens | xpedition_package_integrator | - | * | Application |
| debian | debian_linux | 10.0 | * | Operating System |
| debian | debian_linux | 11.0 | * | Operating System |
| sonicwall | email_security | * | * | Application |
| fedoraproject | fedora | 34 | * | Operating System |
| fedoraproject | fedora | 35 | * | Operating System |
| siemens | 6bk1602-0aa12-0tp0_firmware | * | * | Operating System |
| siemens | 6bk1602-0aa22-0tp0_firmware | * | * | Operating System |
| siemens | 6bk1602-0aa32-0tp0_firmware | * | * | Operating System |
| siemens | 6bk1602-0aa42-0tp0_firmware | * | * | Operating System |
| siemens | 6bk1602-0aa52-0tp0_firmware | * | * | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:* |
| Yes | cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:cvat:computer_vision_annotation_tool:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:datacenter_manager:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:oneapi:-:*:*:*:*:eclipse:*:* |
| Yes | cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:logo\!_soft_comfort:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:tracealertserverplus:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:* |