Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.LOG4J_LOG4SHELL_SIP_INVITE.NBIN
HistoryDec 12, 2021 - 12:00 a.m.

SIP Script Remote Command Execution via log4shell

2021-12-1200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
86
JSON

The remote host appears to be running SIP. SIP itself is not vulnerable to Log4Shell; however, the SIP application could potentially be affected if it attempts to log packet data via a vulnerable log4j library.

A negative result from this plugin does not prove conclusively that the remote system is not affected by Log4Shell, only that any scripts the SIP proxy may be running do not create the conditions that are exploitable via the Log4Shell flaw.

Binary data log4j_log4shell_sip_invite.nbin
VendorProductVersionCPE
apachelog4jcpe:/a:apache:log4j
JSON