ID CVE-2017-5645
Summary In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
References
Vulnerable Configurations
  • Apache Software Foundation Log4j 2.0 Alpha1
    cpe:2.3:a:apache:log4j:2.0:alpha1
  • Apache Software Foundation Log4j 2.0 Alpha2
    cpe:2.3:a:apache:log4j:2.0:alpha2
  • Apache Software Foundation Log4j 2.0 Beta1
    cpe:2.3:a:apache:log4j:2.0:beta1
  • Apache Software Foundation Log4j 2.0 Beta2
    cpe:2.3:a:apache:log4j:2.0:beta2
  • Apache Software Foundation Log4j 2.0 Beta3
    cpe:2.3:a:apache:log4j:2.0:beta3
  • Apache Software Foundation Log4j 2.0 Beta4
    cpe:2.3:a:apache:log4j:2.0:beta4
  • Apache Software Foundation Log4j 2.0 Beta5
    cpe:2.3:a:apache:log4j:2.0:beta5
  • Apache Software Foundation Log4j 2.0 Beta6
    cpe:2.3:a:apache:log4j:2.0:beta6
  • Apache Software Foundation Log4j 2.0 Beta7
    cpe:2.3:a:apache:log4j:2.0:beta7
  • Apache Software Foundation Log4j 2.0 Beta8
    cpe:2.3:a:apache:log4j:2.0:beta8
  • Apache Software Foundation Log4j 2.0 Beta9
    cpe:2.3:a:apache:log4j:2.0:beta9
  • Apache Software Foundation Log4j 2.0 Release Candidate 1
    cpe:2.3:a:apache:log4j:2.0:rc1
  • Apache Software Foundation Log4j 2.0 Release Candidate 2
    cpe:2.3:a:apache:log4j:2.0:rc2
  • Apache Software Foundation Log4j 2.0.1
    cpe:2.3:a:apache:log4j:2.0.1
  • Apache Software Foundation Log4j 2.0.2
    cpe:2.3:a:apache:log4j:2.0.2
  • Apache Software Foundation Log4j 2.1
    cpe:2.3:a:apache:log4j:2.1
  • Apache Software Foundation Log4j 2.2
    cpe:2.3:a:apache:log4j:2.2
  • Apache Software Foundation Log4j 2.3
    cpe:2.3:a:apache:log4j:2.3
  • Apache Software Foundation Log4j 2.4
    cpe:2.3:a:apache:log4j:2.4
  • Apache Software Foundation Log4j 2.4.1
    cpe:2.3:a:apache:log4j:2.4.1
  • Apache Software Foundation Log4j 2.5
    cpe:2.3:a:apache:log4j:2.5
  • Apache Software Foundation Log4j 2.6
    cpe:2.3:a:apache:log4j:2.6
  • Apache Software Foundation Log4j 2.6.1
    cpe:2.3:a:apache:log4j:2.6.1
  • Apache Software Foundation Log4j 2.6.2
    cpe:2.3:a:apache:log4j:2.6.2
  • Apache Software Foundation Log4j 2.7
    cpe:2.3:a:apache:log4j:2.7
  • Apache Software Foundation Log4j 2.8
    cpe:2.3:a:apache:log4j:2.8
  • Apache Software Foundation Log4j 2.8.1
    cpe:2.3:a:apache:log4j:2.8.1
  • cpe:2.3:a:netapp:oncommand_api_services
    cpe:2.3:a:netapp:oncommand_api_services
  • cpe:2.3:a:netapp:oncommand_insight
    cpe:2.3:a:netapp:oncommand_insight
  • cpe:2.3:a:netapp:oncommand_workflow_automation
    cpe:2.3:a:netapp:oncommand_workflow_automation
  • cpe:2.3:a:netapp:service_level_manager
    cpe:2.3:a:netapp:service_level_manager
  • cpe:2.3:a:netapp:snapcenter
    cpe:2.3:a:netapp:snapcenter
  • cpe:2.3:a:netapp:storage_automation_store
    cpe:2.3:a:netapp:storage_automation_store
  • Red Hat Enterprise Linux 6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • Red Hat Enterprise Linux 6.7
    cpe:2.3:o:redhat:enterprise_linux:6.7
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • Red Hat Enterprise Linux 7.3
    cpe:2.3:o:redhat:enterprise_linux:7.3
  • Red Hat Enterprise Linux 7.4
    cpe:2.3:o:redhat:enterprise_linux:7.4
  • Red Hat Enterprise Linux 7.5
    cpe:2.3:o:redhat:enterprise_linux:7.5
  • Red Hat Enterprise Linux 7.6
    cpe:2.3:o:redhat:enterprise_linux:7.6
  • Red Hat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Server TUS 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • Red Hat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Oracle API Gateway 11.1.2.4.0
    cpe:2.3:a:oracle:api_gateway:11.1.2.4.0
  • cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0
    cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0
  • cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1
    cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1
  • cpe:2.3:a:oracle:banking_platform:2.6.0
    cpe:2.3:a:oracle:banking_platform:2.6.0
  • cpe:2.3:a:oracle:banking_platform:2.6.1
    cpe:2.3:a:oracle:banking_platform:2.6.1
  • cpe:2.3:a:oracle:banking_platform:2.6.2
    cpe:2.3:a:oracle:banking_platform:2.6.2
  • cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0
    cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0
  • cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0
    cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0
    cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0
    cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0
  • cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1
    cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1
  • Oracle Communications Messaging Server 6.3
    cpe:2.3:a:oracle:communications_messaging_server:6.3
  • Oracle Communications Messaging Server 7.0
    cpe:2.3:a:oracle:communications_messaging_server:7.0
  • Oracle Communications Messaging Server 7.0.5
    cpe:2.3:a:oracle:communications_messaging_server:7.0.5
  • Oracle Communications Messaging Server 8.0
    cpe:2.3:a:oracle:communications_messaging_server:8.0
  • Oracle Communications Online Mediation Controller 6.1
    cpe:2.3:a:oracle:communications_online_mediation_controller:6.1
  • cpe:2.3:a:oracle:communications_pricing_design_center:11.1
    cpe:2.3:a:oracle:communications_pricing_design_center:11.1
  • cpe:2.3:a:oracle:communications_pricing_design_center:12.0
    cpe:2.3:a:oracle:communications_pricing_design_center:12.0
  • Oracle Communications Service Broker 6.0
    cpe:2.3:a:oracle:communications_service_broker:6.0
  • cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2
    cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2
  • cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5
    cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5
  • cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0
    cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0
  • Oracle Enterprise Manager Base Platform 12.1.0.5
    cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5
  • cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0
    cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0
  • cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5
    cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5
  • cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0
    cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0
  • cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0
    cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0
  • cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8
    cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8
  • cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2
    cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2
  • cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1
    cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1
  • cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1
    cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.0.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.0.0.0
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.1.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.1.0.0
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.2.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2.0.0
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.3.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3.0.0
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.4.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4.0.0
  • Oracle Financial Services Analytical Applications Infrastructure 8.0.5.0.0
    cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5.0.0
  • cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1
    cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4
    cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5
    cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4
    cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5
    cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5
  • cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1
    cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1
  • Oracle Financial Services Profitability Management 8.0.0.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.0.0.0
  • Oracle Financial Services Profitability Management 8.0.1.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.1.0.0
  • Oracle Financial Services Profitability Management 8.0.2.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.2.0.0
  • Oracle Financial Services Profitability Management 8.0.3.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.3.0.0
  • Oracle Financial Services Profitability Management 8.0.4.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.4.0.0
  • Oracle Financial Services Profitability Management 8.0.5.0.0
    cpe:2.3:a:oracle:financial_services_profitability_management:8.0.5.0.0
  • Oracle FLEXCUBE Investor Servicing 12.0.4
    cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4
  • Oracle FLEXCUBE Investor Servicing 12.1.0
    cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0
  • Oracle FLEXCUBE Investor Servicing 12.3.0
    cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0
  • cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0
    cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0
  • Oracle FLEXCUBE Investor Servicing 14.0.0
    cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0
  • Oracle Fusion Middleware MapViewer 12.2.1.2
    cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3
    cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3
  • cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1
    cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1
  • Oracle Identity Analytics 11.1.1.5.8
    cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8
  • cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0
    cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0
  • cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0
    cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0
  • cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1
    cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1
  • cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1
    cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1
  • cpe:2.3:a:oracle:insurance_policy_administration:10.0
    cpe:2.3:a:oracle:insurance_policy_administration:10.0
  • cpe:2.3:a:oracle:insurance_policy_administration:10.1
    cpe:2.3:a:oracle:insurance_policy_administration:10.1
  • cpe:2.3:a:oracle:insurance_policy_administration:10.2
    cpe:2.3:a:oracle:insurance_policy_administration:10.2
  • cpe:2.3:a:oracle:insurance_policy_administration:11.0
    cpe:2.3:a:oracle:insurance_policy_administration:11.0
  • cpe:2.3:a:oracle:insurance_rules_palette:10.0
    cpe:2.3:a:oracle:insurance_rules_palette:10.0
  • cpe:2.3:a:oracle:insurance_rules_palette:10.1
    cpe:2.3:a:oracle:insurance_rules_palette:10.1
  • cpe:2.3:a:oracle:insurance_rules_palette:10.2
    cpe:2.3:a:oracle:insurance_rules_palette:10.2
  • cpe:2.3:a:oracle:insurance_rules_palette:11.0
    cpe:2.3:a:oracle:insurance_rules_palette:11.0
  • cpe:2.3:a:oracle:insurance_rules_palette:11.1
    cpe:2.3:a:oracle:insurance_rules_palette:11.1
  • Oracle JD Edwards EnterpriseOne Tools 9.2
    cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0
    cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0
  • cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0
    cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0
    cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0
  • Oracle MySQL Enterprise Monitor 3.4.2.4181
    cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2.4181
  • cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2
    cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2
  • cpe:2.3:a:oracle:policy_automation:10.4.7
    cpe:2.3:a:oracle:policy_automation:10.4.7
  • cpe:2.3:a:oracle:policy_automation:12.1.0
    cpe:2.3:a:oracle:policy_automation:12.1.0
  • cpe:2.3:a:oracle:policy_automation:12.1.1
    cpe:2.3:a:oracle:policy_automation:12.1.1
  • cpe:2.3:a:oracle:policy_automation:12.2.0
    cpe:2.3:a:oracle:policy_automation:12.2.0
  • cpe:2.3:a:oracle:policy_automation:12.2.1
    cpe:2.3:a:oracle:policy_automation:12.2.1
  • cpe:2.3:a:oracle:policy_automation:12.2.2
    cpe:2.3:a:oracle:policy_automation:12.2.2
  • cpe:2.3:a:oracle:policy_automation:12.2.3
    cpe:2.3:a:oracle:policy_automation:12.2.3
  • cpe:2.3:a:oracle:policy_automation:12.2.4
    cpe:2.3:a:oracle:policy_automation:12.2.4
  • cpe:2.3:a:oracle:policy_automation:12.2.5
    cpe:2.3:a:oracle:policy_automation:12.2.5
  • cpe:2.3:a:oracle:policy_automation:12.2.6
    cpe:2.3:a:oracle:policy_automation:12.2.6
  • cpe:2.3:a:oracle:policy_automation:12.2.7
    cpe:2.3:a:oracle:policy_automation:12.2.7
  • cpe:2.3:a:oracle:policy_automation:12.2.8
    cpe:2.3:a:oracle:policy_automation:12.2.8
  • cpe:2.3:a:oracle:policy_automation:12.2.9
    cpe:2.3:a:oracle:policy_automation:12.2.9
  • cpe:2.3:a:oracle:policy_automation:12.2.10
    cpe:2.3:a:oracle:policy_automation:12.2.10
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6
    cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10
    cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10
  • cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5
    cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5
  • cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0
    cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0
  • cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1
    cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1
  • cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2
    cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2
  • cpe:2.3:a:oracle:retail_integration_bus:14.0.0
    cpe:2.3:a:oracle:retail_integration_bus:14.0.0
  • cpe:2.3:a:oracle:retail_integration_bus:14.1.0
    cpe:2.3:a:oracle:retail_integration_bus:14.1.0
  • Oracle Retail Integration Bus 15.0
    cpe:2.3:a:oracle:retail_integration_bus:15.0
  • cpe:2.3:a:oracle:retail_integration_bus:16.0
    cpe:2.3:a:oracle:retail_integration_bus:16.0
  • cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0
    cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0
  • cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0
    cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0
  • Oracle Retail Open Commerce Platform 6.0.1
    cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1
  • cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3
    cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3
  • Oracle Siebel UI Framework 18.7
    cpe:2.3:a:oracle:siebel_ui_framework:18.7
  • Oracle Siebel UI Framework 18.8
    cpe:2.3:a:oracle:siebel_ui_framework:18.8
  • Oracle Siebel UI Framework 18.9
    cpe:2.3:a:oracle:siebel_ui_framework:18.9
  • Oracle SOA Suite 12.1.3.0.0
    cpe:2.3:a:oracle:soa_suite:12.1.3.0.0
  • cpe:2.3:a:oracle:soa_suite:12.2.2.0.0
    cpe:2.3:a:oracle:soa_suite:12.2.2.0.0
  • cpe:2.3:a:oracle:tape_library_acsls:8.4
    cpe:2.3:a:oracle:tape_library_acsls:8.4
  • cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12
    cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12
CVSS
Base: 7.5 (as of 24-04-2017 - 13:37)
Impact:
Exploitability:
CWE CWE-502
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family Misc.
    NASL id ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2018_CPU.NASL
    description The version of Oracle Secure Global Desktop installed on the remote host is 5.3 and is missing a security patch from the January 2018 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities: - The included OpenSSL library has an off-by-one out-of-bounds read flaw within the X509v3_addr_get_afi() function of crypto/x509v3/v3_addr.c when handling the IPAddressFamily extension of X.509 certificates. A content-dependent attacker, with a specially crafted request, could potentially read limited memory information. (CVE-2017-3735) - The included OpenSSL library has a carry propagating flaw within the bn_sqrx8x_internal() function in crypto/bn/asm/x86_64-mont5.pl when handling RSA / DSA encryption. A content-dependent attacker, with a specially crafted request, could potentially determine the private key. (CVE-2017-3736) - The included Apache Log4j contains a flaw due to improper validation of log events before deserializing. A remote attacker, with a specially crafted log event, could potentially execute arbitrary script code. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 106199
    published 2018-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106199
    title Oracle Secure Global Desktop Multiple Vulnerabilities (January 2018 CPU)
  • NASL family Misc.
    NASL id ORACLE_ENTERPRISE_MANAGER_JUL_2018_CPU.NASL
    description The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in the Enterprise Manager Base Platform component.
    last seen 2019-02-21
    modified 2018-12-21
    plugin id 111152
    published 2018-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111152
    title Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (July 2018 CPU)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA_10838.NASL
    description According to its self-reported version number, the remote Junos Space version is prior to 17.2R1. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-08-03
    plugin id 108520
    published 2018-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108520
    title Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2808.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970) * It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644) * It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582) * It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536) The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103526
    published 2017-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103526
    title RHEL 7 : JBoss EAP (RHSA-2017:2808)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2809.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970) * It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644) * It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582) * It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536) The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103527
    published 2017-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103527
    title RHEL 6 : JBoss EAP (RHSA-2017:2809)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2811.NASL
    description An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8. Refer to the JBoss Enterprise Application Platform 7.0.8 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970) * It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644) * It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582) * It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536) The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103500
    published 2017-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103500
    title RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:2811)
  • NASL family CGI abuses
    NASL id MYSQL_ENTERPRISE_MONITOR_3_4_8.NASL
    description According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.4.x prior to 3.4.8, or 4.0.x prior to 4.0.5, or 8.0.x prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-12-21
    plugin id 111593
    published 2018-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111593
    title MySQL Enterprise Monitor 3.4.x < 3.4.8 / 4.0.x < 4.0.5 / 8.0.x < 8.0.1 Multiple Vulnerabilities (July 2018 CPU)
  • NASL family Misc.
    NASL id ORACLE_IDENTITY_MANAGEMENT_CPU_OCT_2018.NASL
    description The remote host is missing the October 2018 Critical Patch Update for Oracle Identity Manager. It is, therefore, affected by multiple vulnerabilities as described in the October 2018 critical patch update advisory : - An unspecified vulnerability in the Oracle Identity Management Suite in the Suite Level Patch Issues (Apache Log4j) subcomponent could allow an unauthenticated, remote attacker with network access via HTTP to compromise Oracle Identity Management Suite. (CVE-2017-5645) - An unspecified vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware in the Advanced Console subcomponent could allow an unauthenticated, remote attacker with network access via HTTP to compromise Oracle Identity Manager. (CVE-2018-3179) - An unspecified vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware in the Installer (jackson-databind) subcomponent could allow an unauthenticated, remote attacker with network access via HTTP to compromise Oracle Identity Manager. (CVE-2017-15095) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 118330
    published 2018-10-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118330
    title Oracle Identity Manager Multiple Vulnerabilities (October 2018 CPU)
  • NASL family Windows
    NASL id ORACLE_BI_PUBLISHER_OCT_2018_CPU.NASL
    description The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.181016, 11.1.1.9.x prior to 11.1.1.9.181016, 12.2.1.3.x prior to 12.2.1.3.181016, or 12.2.1.4.x prior to 12.2.1.4.181016. It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 Critical Patch Update advisory: - A deserialization vulnerability exists in Apache Log4j 2.x before 2.8.2. An unauthenticated, remote attacker can exploit this, via a specially crafted binary, to execute arbitrary code on the target host (CVE-2017-5645). - An information disclosure vulnerability exists in Analytics Server, Oracle BI Publisher. Supported version affected is 12.2.1.3.0. An unauthenticated, remote attacker can exploit this, via HTTP, to disclose potentially sensitive information. Successful attacks require human interaction from a person other than the attacker, and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products (CVE-2018-3204). - A deserialization vulnerability exists in Apache Batik 1.x before 1.10 due to a subclass of `AbstractDocument`. An unauthenticated, remote attacker can exploit this, via deserializing a subclass of `AbstractDocument`, to execute arbitrary code on the target host (CVE-2018-8013). Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120948
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120948
    title Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2018 CPU)
  • NASL family Web Servers
    NASL id ORACLE_HTTP_SERVER_CPU_JAN_2018.NASL
    description The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities as noted in the January 2018 CPU advisory.
    last seen 2019-02-21
    modified 2019-01-25
    plugin id 106299
    published 2018-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106299
    title Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-B8358CDA24.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-02
    plugin id 101708
    published 2017-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101708
    title Fedora 26 : log4j12 (2017-b8358cda24)
  • NASL family Misc.
    NASL id ORACLE_WEBLOGIC_SERVER_CPU_APR_2018.NASL
    description The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 109201
    published 2018-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109201
    title Oracle WebLogic Server Multiple Vulnerabilities (April 2018 CPU)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-511EBFA8A3.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 99955
    published 2017-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99955
    title Fedora 25 : log4j (2017-511ebfa8a3)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-2423.NASL
    description An update for log4j is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 102878
    published 2017-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102878
    title CentOS 7 : log4j (CESA-2017:2423)
  • NASL family Web Servers
    NASL id SUN_JAVA_WEB_SERVER_7_0_27.NASL
    description According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.27 Patch 26834070. It is, therefore, affected by an unspecified vulnerability in the Network Security Services (NSS) library with unknown impact.
    last seen 2019-02-21
    modified 2018-08-03
    plugin id 106349
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106349
    title Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2638.NASL
    description An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525) Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103044
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103044
    title RHEL 6 : jboss-ec2-eap (RHSA-2017:2638)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2635.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525) Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103041
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103041
    title RHEL 6 : JBoss EAP (RHSA-2017:2635)
  • NASL family Misc.
    NASL id ORACLE_OATS_CPU_JUL_2018.NASL
    description The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Apache Log4j 2.x before 2.8.2 due to the ability to receive serialized log events from another application. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to execute arbitrary code on the remote host. (CVE-2017-5645) - A remote code execution vulnerability exists in Spring Framework due to the exposure of STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to execute arbitrary code on the remote host. (CVE-2018-1275)
    last seen 2019-02-21
    modified 2018-09-17
    plugin id 111210
    published 2018-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111210
    title Oracle Application Testing Suite Multiple Vulnerabilities (April / July 2018 CPU)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1214.NASL
    description According to the version of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 103072
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103072
    title EulerOS 2.0 SP2 : log4j (EulerOS-SA-2017-1214)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-2423.NASL
    description From Red Hat Security Advisory 2017:2423 : An update for log4j is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 102345
    published 2017-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102345
    title Oracle Linux 7 : log4j (ELSA-2017-2423)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-2CCFBD650A.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 99988
    published 2017-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99988
    title Fedora 24 : log4j (2017-2ccfbd650a)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-11EDC0D6C3.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 101576
    published 2017-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101576
    title Fedora 26 : log4j (2017-11edc0d6c3)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2423.NASL
    description An update for log4j is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 102348
    published 2017-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102348
    title RHEL 7 : log4j (RHSA-2017:2423)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1213.NASL
    description According to the version of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 103071
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103071
    title EulerOS 2.0 SP1 : log4j (EulerOS-SA-2017-1213)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-7E0FF7F73A.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-02
    plugin id 100745
    published 2017-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100745
    title Fedora 24 : log4j12 (2017-7e0ff7f73a)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-3399.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 5 and Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for log4j package in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 105209
    published 2017-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105209
    title RHEL 6 : JBoss EAP (RHSA-2017:3399)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2637.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525) Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 103043
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103043
    title RHEL 5 : JBoss EAP (RHSA-2017:2637)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1801.NASL
    description An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in tomcat's handling of pipelined requests when 'Sendfile' was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 112177
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112177
    title RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 1 (RHSA-2017:1801)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2636.NASL
    description An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525) Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 103042
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103042
    title RHEL 7 : JBoss EAP (RHSA-2017:2636)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170807_LOG4J_ON_SL7_X.NASL
    description Security Fix(es) : - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 102666
    published 2017-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102666
    title Scientific Linux Security Update : log4j on SL7.x (noarch)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-8348115ACD.NASL
    description Security fix for CVE-2017-5645 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-02
    plugin id 100746
    published 2017-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100746
    title Fedora 25 : log4j12 (2017-8348115acd)
redhat via4
advisories
  • bugzilla
    id 1443635
    title CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment log4j is earlier than 0:1.2.17-16.el7_4
          oval oval:com.redhat.rhsa:tst:20172423005
        • comment log4j is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20172423006
      • AND
        • comment log4j-javadoc is earlier than 0:1.2.17-16.el7_4
          oval oval:com.redhat.rhsa:tst:20172423009
        • comment log4j-javadoc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20172423010
      • AND
        • comment log4j-manual is earlier than 0:1.2.17-16.el7_4
          oval oval:com.redhat.rhsa:tst:20172423007
        • comment log4j-manual is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20172423008
    rhsa
    id RHSA-2017:2423
    released 2017-08-07
    severity Important
    title RHSA-2017:2423: log4j security update (Important)
  • rhsa
    id RHSA-2017:1417
  • rhsa
    id RHSA-2017:1801
  • rhsa
    id RHSA-2017:1802
  • rhsa
    id RHSA-2017:2633
  • rhsa
    id RHSA-2017:2635
  • rhsa
    id RHSA-2017:2636
  • rhsa
    id RHSA-2017:2637
  • rhsa
    id RHSA-2017:2638
  • rhsa
    id RHSA-2017:2808
  • rhsa
    id RHSA-2017:2809
  • rhsa
    id RHSA-2017:2810
  • rhsa
    id RHSA-2017:2811
  • rhsa
    id RHSA-2017:2888
  • rhsa
    id RHSA-2017:2889
  • rhsa
    id RHSA-2017:3244
  • rhsa
    id RHSA-2017:3399
  • rhsa
    id RHSA-2017:3400
rpms
  • log4j-0:1.2.17-16.el7_4
  • log4j-javadoc-0:1.2.17-16.el7_4
  • log4j-manual-0:1.2.17-16.el7_4
refmap via4
bid 97702
confirm
misc https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
sectrack
  • 1040200
  • 1041294
Last major update 24-04-2017 - 20:32
Published 17-04-2017 - 17:59
Last modified 18-06-2019 - 20:15