Lucene search

graylog -- remote code execution in log4j from user-controlled log input

🗓️ 14 Nov 2021 00:00:00Reported by FreeBSDType

Log4j 2.15.0 incomplete fix for CVE-2021-4422

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
IBM Security Bulletins	Security Bulletin: IBM MQ Blockchain bridge dependencies are vulnerable to an issue in Apache Log4j (CVE-2021-45046)	20 Dec 202111:51	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Log4j vulnerability impacts IBM Sterling Global Mailbox (CVE-2021-45046)	7 Feb 202211:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data System 1.0 is vulnerable to arbitrary code execution due to Apache Log4j ( CVE-2021-45046)	27 Jan 202206:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Log4j affect IBM App Connect for Manufacturing 2.0 (CVE-2021-45046)	22 Dec 202108:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Apache Log4j affect IBM Db2 Web Query for i	21 Dec 202117:06	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in the Apache Log4j used in IBM® QRadar Risk Manager that may allow for remote code execution (RCE).	7 Jan 202216:37	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Log4j Vulnerability Affects IBM Secure Proxy (CVE-2021-44228)	21 Dec 202104:01	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Log4j Vulnerability Afffects IBM Secure Proxy (CVE-2021-45046)	21 Dec 202121:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Log4j affects IBM Cloud Private (CVE-2021-45046)	27 Jan 202212:22	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Log4j Vulnerability Affects IBM Secure External Authentication Server (CVE-2021-44228)	21 Dec 202103:55	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	graylog	4.2.4	UNKNOWN

Source	Link
logging	www.logging.apache.org/log4j/2.x/security.html
github	www.github.com/Graylog2/graylog2-server/commit/d3e441f
github	www.github.com/Graylog2/graylog2-server/commit/dd24b85

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Nov 2021 00:00Current

2.1Low risk

Vulners AI Score2.1

CVSS29.3

CVSS310

EPSS0.94381