Linux Distros Unpatched Vulnerability : CVE-2023-26464

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Unpatched vulnerability CVE-2023-26464 affects Linux/Unix packages with no vendor patch available.

Reporter	Title	Published	Views	Family All 73
IBM Security Bulletins	Security Bulletin: IBM Jazz for Service Management is vulnerable due to issues in JDOM, Apache Log4j 1.x, Apache ActiveMQ and Apache Camel	24 Jun 202511:53	–	ibm
IBM Security Bulletins	Security Bulletin: An IBM QRadar SIEM SNMP protocol is vulnerable to a denial of service, SQL injection and could allow a remote attacker to execute arbitrary code on the system.	15 May 202408:35	–	ibm
IBM Security Bulletins	Security Bulletin: TADDM is vulnerable to a denial of service vulnerability in Apache-Log4j (CVE-2023-26464)	23 Mar 202318:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to Apache Log4j	23 Jun 202310:37	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Log4j affects IBM Integrated Analytics System [CVE-2023-26464]	28 Sep 202415:27	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache Log4j affects IBM Security Access Manager for Enterprise Single Sign-On	25 Jul 202304:26	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability from log4j-1.2.16.jar affect IBM Operations Analytics - Log Analysis (CVE-2023-26464)	25 May 202306:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Content Navigator is affected by Log4J 1.2.14	7 May 202613:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Log4j affects IBM Cloud Pak for Data Systems 1.0 (CPDS 1.0) [CVE-2023-26464]	7 May 202506:19	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j	2 May 202322:11	–	ibm

Source	Link
access	www.access.redhat.com/security/cve/cve-2023-26464
ubuntu	www.ubuntu.com/security/CVE-2023-26464
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(226295);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/29");

  script_cve_id("CVE-2023-26464");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-26464");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - ** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE
    less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply
    nested) hashmap or hashtable (depending on which logging component is in use) to be processed could
    exhaust the available memory in the virtual machine and achieve Denial of Service when the object is
    deserialized. This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j
    2.x. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
    (CVE-2023-26464)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2023-26464");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-26464");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-26464");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-26464");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-log4j1.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:log4j");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:log4j-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:log4j-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:log4j");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:log4j-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:log4j-manual");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/CentOS Linux-7", "Host/OS/Red Hat Enterprise Linux-6", "Host/OS/Red Hat Enterprise Linux-7", "Host/OS/Ubuntu Linux-14.04", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/CentOS/rpm-list")) && empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-14.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "14.04",
        "pkgs": [
          {"reference": "liblog4j1.2-java"},
          {"reference": "liblog4j1.2-java-doc"}
        ]
      }
    ]
  },
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "apache-log4j1.2"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "apache-log4j1.2"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "apache-log4j1.2"}
        ]
      }
    ]
  },
  "CentOS Linux-7": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "7",
        "pkgs": [
          {"reference": "log4j"},
          {"reference": "log4j-javadoc"},
          {"reference": "log4j-manual"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-6": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "6",
        "pkgs": [
          {"reference": "log4j"},
          {"reference": "log4j-javadoc"},
          {"reference": "log4j-manual"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-7": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "7",
        "pkgs": [
          {"reference": "log4j"},
          {"reference": "log4j-javadoc"},
          {"reference": "log4j-manual"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

29 Sep 2025 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

EPSS0.00125

SSVC