Linux Distros Unpatched Vulnerability : CVE-2023-31038

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Linux systems vulnerable to SQL injection in Log4cxx's ODBC appender, update recommended.

Reporter	Title	Published	Views	Family All 18
Circl	CVE-2023-31038	5 Oct 202513:19	–	circl
CNNVD	Apache Log4cxx SQL注入漏洞	8 May 202300:00	–	cnnvd
CVE	CVE-2023-31038	8 May 202308:54	–	cve
Cvelist	CVE-2023-31038 Apache Log4cxx: SQL injection when using ODBC appender	8 May 202308:54	–	cvelist
Debian CVE	CVE-2023-31038	8 May 202308:54	–	debiancve
EUVD	EUVD-2023-35375	3 Oct 202520:07	–	euvd
NVD	CVE-2023-31038	8 May 202309:15	–	nvd
OSV	DEBIAN-CVE-2023-31038	8 May 202309:15	–	osv
OSV	OPENSUSE-SU-2024:13545-1 liblog4cxx-devel-1.1.0-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	UBUNTU-CVE-2023-31038	8 May 202309:15	–	osv

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2023-31038
ubuntu	www.ubuntu.com/security/CVE-2023-31038
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(226714);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/21");

  script_cve_id("CVE-2023-31038");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-31038");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent
    to the database were properly escaped for SQL injection. This has been the case since at least version
    0.9.0(released 2003-08-06) Note that Log4cxx is a C++ framework, so only C++ applications are affected.
    Before version 1.1.0, the ODBC appender was automatically part of Log4cxx if the library was found when
    compiling the library. As of version 1.1.0, this must be both explicitly enabled in order to be compiled
    in. Three preconditions must be met for this vulnerability to be possible: 1. Log4cxx compiled with ODBC
    support(before version 1.1.0, this was auto-detected at compile time) 2. ODBCAppender enabled for logging
    messages to, generally done via a config file 3. User input is logged at some point. If your application
    does not have user input, it is unlikely to be affected. Users are recommended to upgrade to version 1.1.0
    which properly binds the parameters to the SQL statement, or migrate to the new DBAppender class which
    supports an ODBC connection in addition to other databases. Note that this fix does require a
    configuration file update, as the old configuration files will not configure properly. An example is shown
    below, and more information may be found in the Log4cxx documentation on the ODBCAppender. Example of old
    configuration snippet: <appender name=SqlODBCAppender class=ODBCAppender> <param name=sql
    value=INSERT INTO logs (message) VALUES ('%m') /> ... other params here ... </appender> The migrated
    configuration snippet with new ColumnMapping parameters: <appender name=SqlODBCAppender
    class=ODBCAppender> <param name=sql value=INSERT INTO logs (message) VALUES (?) /> <param
    name=ColumnMapping value=message/> ... other params here ... </appender> (CVE-2023-31038)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-31038");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-31038");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-31038");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:log4cxx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:log4cxx");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Ubuntu Linux-14.04", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.04", "Host/OS/Ubuntu Linux-25.10");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "liblog4cxx-dev"},
          {"reference": "liblog4cxx-doc"},
          {"reference": "liblog4cxx15"}
        ]
      }
    ]
  },
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "liblog4cxx-dev"},
          {"reference": "liblog4cxx-doc"},
          {"reference": "liblog4cxx11"}
        ]
      }
    ]
  },
  "Ubuntu Linux-14.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "14.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.04",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.10": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.10",
        "pkgs": [
          {"reference": "log4cxx"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

21 May 2026 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 3.18.8

EPSS0.00985

SSVC

linux vulnerability issue sql injection log4cxx odbc appender update recommended migration configuration