DATABASE RESOURCES PRICING ABOUT US

{"id": "RHSA-2022:0507", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2022:0507) Important: Red Hat JBoss Data Virtualization 6.4.8.SP2 security update", "description": "Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.\n\nThis Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP2 (Service Pack 2) serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8 and Red Hat JBoss Data Virtualization 6.4.8.SP1, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch.\n\nNote: customers should update their EAP 6.4 installation with the corresponding security fixes that have been released for that (see RHSA-2022:0437 and https://access.redhat.com/site/solutions/625683)\n\nSecurity Fix(es):\n\n* log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2022-02-10T17:22:10", "modified": "2022-02-10T17:23:29", "epss": [{"cve": "CVE-2019-17571", "epss": 0.97467, "percentile": 0.99931, "modified": "2023-06-13"}, {"cve": "CVE-2020-9488", "epss": 0.0026, "percentile": 0.62378, "modified": "2023-06-06"}, {"cve": "CVE-2021-4104", "epss": 0.94101, "percentile": 0.98723, "modified": "2023-05-23"}, {"cve": "CVE-2022-23302", "epss": 0.00618, "percentile": 0.75828, "modified": "2023-06-14"}, {"cve": "CVE-2022-23305", "epss": 0.00357, "percentile": 0.68124, "modified": "2023-06-14"}, {"cve": "CVE-2022-23307", "epss": 0.01262, "percentile": 0.83687, "modified": "2023-06-14"}], "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2022:0507", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "immutableFields": [], "lastseen": "2023-08-16T15:27:36", "viewCount": 63, "enchantments": {"backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:0290"]}, {"type": "amazon", "idList": ["ALAS-2022-1562", "ALAS2-2022-1739"]}, {"type": "atlassian", "idList": ["ATLASSIAN:FE-7344"]}, {"type": "attackerkb", "idList": ["AKB:0B6C144F-2E5A-4D5E-B629-E45C2530CB94", "AKB:FB2F65B2-D10B-4622-AEE6-41AAD3C1E6E7"]}, {"type": "centos", "idList": ["CESA-2017:2423", "CESA-2021:5206"]}, {"type": "cert", "idList": ["VU:930724"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1720"]}, {"type": "checkpoint_security", "idList": ["CPS:SK176865"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1642429400"]}, {"type": "cve", "idList": ["CVE-2019-17571", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2065-1:5EEFC", "DEBIAN:DSA-5020-1:32A64"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-17571", "DEBIANCVE:CVE-2020-9488", "DEBIANCVE:CVE-2021-4104", "DEBIANCVE:CVE-2022-23302", "DEBIANCVE:CVE-2022-23305", "DEBIANCVE:CVE-2022-23307"]}, {"type": "f5", "idList": ["F5:K24554520", "F5:K61529042"]}, {"type": "github", "idList": ["GHSA-2QRG-X229-3V8Q", "GHSA-FP5R-V3W9-4333"]}, {"type": "githubexploit", "idList": ["2AF7350D-AB79-5AB5-8AF9-0F351CE13D30", "342CC1B7-6E24-5767-A7B1-90B95A91B503", "3DFE8091-03AE-565B-A198-BD509784502C", "6083DCC3-CA9C-58A4-9FBC-983DF1E52584", "6DA59A94-0CD1-5357-8F01-2BF3230F9017", "958F00F1-C4FC-5213-82EA-290A530F859B", "A4A33F39-BA6F-5AC0-B72C-30F0E4D6CD56", "B5D61CFC-8A10-5D92-B72B-D002C1D7AF33", "B9B4FADB-2546-5DFD-A26E-B1FC4C07FCE7", "C2D99D6A-1A8C-5D55-BBB7-34A978AAC642", "C76F7089-967B-5A7F-B8DA-629452876A2A", "CC4175EB-3B91-5ABB-A700-84FC1105AAD5", "D298A3C8-E215-5549-B1A0-D01215070203", "E07C4625-66EE-5E09-880C-251E6273C21A", "EBBBCCE8-232D-5227-B6F8-A797B6B8D4ED"]}, {"type": "hivepro", "idList": ["HIVEPRO:205916945365E4C9EB9829951A82295A"]}, {"type": "ibm", "idList": ["023C54E1D297D5AA9E7F44F8089DE35CB079281FA1776467BF8B7A7AD4FE252E", "26DFDDEA8EB90F9881D2DF1DF2281A85874E3DEDC9CAEBB69B263FC6408C7D49", "7D41EC7322B1884F1456683D61F0429C832EB63621E340A85374D62A5B50036A", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "88B2960ACDA41F47CBFD8BC7C1E9CCA61BDAE7F4F0D0022EF5DD572B5CE173B5", "8B3A7050651CC6061B73CF1E86EE2419DD50F4F27FC07E4130D25ADDF14EFCF8", "B97713A9D1C3353360B57D1AD1EC137AB7A100FBE009625EB3FD31558B3B3304", "CE6A6F0970C169F7DBE65AA5DFCFCEC0BEA99E837906D043FD4B6D3BF7A87D67", "D4552FDC70931CD8B4AD1900AAFD91F4395F28D6E61914A873226147AFDAF729", "D64BC5FE778E62F52FAF1A558C46AB9C63D2D06A74FDE22CC1A16BB67C6A0E8C", "E8825B71ACE31BFAA5662E2357C5EEB425BA842AC21E60C761364799BFD2FEE3", "FACE47A144B851A6BB630C0FD63FA2BFBE0A19AFE0A7E1A993E530FC0BA6BE90"]}, {"type": "kaspersky", "idList": ["KLA12407"]}, {"type": "nessus", "idList": ["APACHE_LOG4J_1_2.NASL", "CENTOS_RHSA-2021-5206.NASL", "DEBIAN_DLA-2065.NASL", "DEBIAN_DLA-2852.NASL", "DEBIAN_DSA-5020.NASL", "OPENSUSE-2020-51.NASL", "OPENSUSE-2021-1612.NASL", "OPENSUSE-2021-1631.NASL", "OPENSUSE-2021-4111.NASL", "OPENSUSE-2021-4112.NASL", "ORACLELINUX_ELSA-2017-2423.NASL", "ORACLELINUX_ELSA-2021-5206.NASL", "ORACLELINUX_ELSA-2022-0290.NASL", "ORACLELINUX_ELSA-2022-9056.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "REDHAT-RHSA-2017-2423.NASL", "REDHAT-RHSA-2021-5206.NASL", "REDHAT-RHSA-2021-5269.NASL", "SUSE_SU-2021-14866-1.NASL", "SUSE_SU-2021-4111-1.NASL", "SUSE_SU-2021-4112-1.NASL", "SUSE_SU-2021-4115-1.NASL", "SUSE_SU-2022-0212-1.NASL", "SUSE_SU-2022-0214-1.NASL", "SUSE_SU-2022-14881-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892065"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-5206", "ELSA-2022-0290", "ELSA-2022-9056"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:3FADA4B80DBBF178154C0729CFC1358F", "QUALYSBLOG:42335884011D582222F08AEF81D70B94", "QUALYSBLOG:5059D1C3913FB6542F3283A66F9B3A43"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:18D49792276E208F17E7D64BCE2FDEF6", "RAPID7BLOG:9CB105938BDE92F573A2DE68BC20CF46"]}, {"type": "redhat", "idList": ["RHSA-2017:2423", "RHSA-2022:0289"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-9488", "RH:CVE-2021-4104", "RH:CVE-2021-44228", "RH:CVE-2022-23302", "RH:CVE-2022-23305", "RH:CVE-2022-23307"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0051-1", "OPENSUSE-SU-2021:1612-1", "OPENSUSE-SU-2021:1631-1", "OPENSUSE-SU-2021:4111-1", "OPENSUSE-SU-2021:4112-1", "OPENSUSE-SU-2022:0214-1", "OPENSUSE-SU-2022:0226-1"]}, {"type": "symantec", "idList": ["SMNTC-19793"]}, {"type": "thn", "idList": ["THN:1D10167F5D53B2791D676CF56488D5D9", "THN:76D7572EDBE770410D6F0518DAD8B0AD"]}, {"type": "threatpost", "idList": ["THREATPOST:46837E7270195429E1D891848E911254"]}, {"type": "ubuntu", "idList": ["USN-4495-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-17571", "UB:CVE-2020-9488", "UB:CVE-2021-4104", "UB:CVE-2022-23302", "UB:CVE-2022-23305", "UB:CVE-2022-23307"]}]}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:0290"]}, {"type": "amazon", "idList": ["ALAS-2022-1562", "ALAS-2023-1718", "ALAS2-2022-1739", "ALAS2-2022-1750"]}, {"type": "arista", "idList": ["ARISTA:0070"]}, {"type": "atlassian", "idList": ["ATLASSIAN:FE-7344", "BAM-21696", "BAM-21697", "CONFSERVER-59549", "CONFSERVER-78991", "CRUC-8529", "CWD-5802", "FE-7344", "FE-7368", "FE-7400", "JRASERVER-73885"]}, {"type": "attackerkb", "idList": ["AKB:0B6C144F-2E5A-4D5E-B629-E45C2530CB94", "AKB:FB2F65B2-D10B-4622-AEE6-41AAD3C1E6E7"]}, {"type": "centos", "idList": ["CESA-2017:2423", "CESA-2021:5206", "CESA-2022:0442"]}, {"type": "cert", "idList": ["VU:930724"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1720"]}, {"type": "checkpoint_security", "idList": ["CPS:SK176865"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1642429400", "CLSA-2022:1643918500", "CLSA-2022:1644500972", "CLSA-2022:1655843011"]}, {"type": "cnvd", "idList": ["CNVD-2022-01775", "CNVD-2022-05785", "CNVD-2022-05852", "CNVD-2022-08370"]}, {"type": "cve", "idList": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2065-1:517F5", "DEBIAN:DLA-2065-1:5EEFC", "DEBIAN:DLA-2852-1:37D89", "DEBIAN:DLA-2905-1:3AD13", "DEBIAN:DSA-4686-1:A3244", "DEBIAN:DSA-4686-1:EDCC0", "DEBIAN:DSA-5020-1:32A64"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-17571", "DEBIANCVE:CVE-2020-9488", "DEBIANCVE:CVE-2021-4104", "DEBIANCVE:CVE-2022-23302", "DEBIANCVE:CVE-2022-23305", "DEBIANCVE:CVE-2022-23307"]}, {"type": "f5", "idList": ["F5:K00322972", "F5:K15111130", "F5:K24554520", "F5:K34002344", "F5:K59563964", "F5:K61529042", "F5:K97120268"]}, {"type": "gentoo", "idList": ["GLSA-202209-02"]}, {"type": "github", "idList": ["GHSA-2QRG-X229-3V8Q", "GHSA-3W6P-8F82-GW8R", "GHSA-65FG-84F6-3JQ3", "GHSA-F7VH-QWP3-X37M", "GHSA-FP5R-V3W9-4333", "GHSA-VWQQ-5VRC-XW9H", "GHSA-W9P3-5CR8-M3JJ"]}, {"type": "githubexploit", "idList": ["2AF7350D-AB79-5AB5-8AF9-0F351CE13D30", "342CC1B7-6E24-5767-A7B1-90B95A91B503", "3DFE8091-03AE-565B-A198-BD509784502C", "6083DCC3-CA9C-58A4-9FBC-983DF1E52584", "6D4C4841-374D-5EAC-B46A-3D900E02EEDB", "6DA59A94-0CD1-5357-8F01-2BF3230F9017", "7EBB252B-ED12-585F-86E9-BE348721984E", "B9B4FADB-2546-5DFD-A26E-B1FC4C07FCE7", "C2D99D6A-1A8C-5D55-BBB7-34A978AAC642", "C76F7089-967B-5A7F-B8DA-629452876A2A", "CC4175EB-3B91-5ABB-A700-84FC1105AAD5", "D298A3C8-E215-5549-B1A0-D01215070203", "DECBAC7B-9235-5E00-81C1-142CD41306FB"]}, {"type": "hivepro", "idList": ["HIVEPRO:205916945365E4C9EB9829951A82295A"]}, {"type": "ibm", "idList": ["014D42A4B1AF0BC556DD624E07D6BCF5E9F2F23FCE02471BB3F58278DF2FF765", "023C54E1D297D5AA9E7F44F8089DE35CB079281FA1776467BF8B7A7AD4FE252E", "026861C8F37CB442AEB06F08CB67784AB6226E1C2C5830E2D4227D71E9453C5B", "04D3658F043D6F4A2AA1B2F519A7E89C112641C7C4E2E58E14BEC11BA66E803D", "053134070CB8D6609B7F157DC74146FFBCB3EBE941406A677E889C3CAF773364", "05A1D58708802BF8C1674EE32BEC4344254929330218CAD68AA838AA7F549BF7", "087CD3B8800A1EB017C933808D8D5E610496ED972CA8243894CB2435705F3CAF", "08803B708D4CA95FF8DD68A4DE7FBE7DEAA67387194E25D8CD693B135E7332D9", "08C5ED1F3E47E1FABE2752DAE40446E385D6C5EB30C70D7C739509CE04B06788", "0A02CE8F8480935E6DF427BB57D104E85B5FC8B8CBB9B30D41DA61284FC0C04F", "0AE80E7D1B92F5584C0652988A6BC58F1CE1E37349CB543C23A7BCE8C2445CCD", "0B62A979A39E5FDD103EF50E44280DC84E1DA4B8937991D39D2F70B94DE5CDC6", "0B878F5D9824E894676260088D1B44F3EEACB4DFCA20BC99A6BB6ECFC75A7972", "0CF13F8FB4FD77C6593C265FA8F397D0C4324FC1F07F86C436B4937E98B25DBF", "0E8555641D8CDA8EC9035ED3EB5F648F408D4DF211176B6798C8D8C65318F3F5", "0FEF4738C59C97322DBD25A9806D1EE3E131F117AF9CA9C33F3A6098A981AE66", "119CECCEFDE70646119DD7521398162DB4527F17D79DC46F5852AD60ADE965F6", "1657BF6406E7BEEC2F294F65B40F7FF5A51DF9737173E7634E109E2031E0AE1E", "178747CFB8042E516CF1AB34F6D530ACE1CD919FFD0DA372792B07A5E23A36DD", "18A47CF24DAFF468D1B3E48E56A7C723BAAB5077F0C1ED2DC22653DD05320A38", "1999DB7DA98AE073A34DD83F5547894F0F8C1DC9FB860A963E2002A469B5FC74", "19FC2C39014EED648C0A6D9F7F9D260C28D73DE658FD34F4EEC23ABD59034BC8", "1AEC66B946906A8F4682C35B7C619499014756DEA99B2673B7DD17DB8DFF256D", "1E3D2EA1F1DC4C649D606C67B0E6A75D48A875A0956C0348E361CA3B2CB89899", "209DDCAB6F475A868DA84DD19D31132027FF62B259B6541CA0C9859AD7CF6ED3", "210BE5BCF995033D93AD152A3413E946C87FA9E242CD051D6228488AC0FD790C", "2317B63F9B053CE76F1D936DB5288531851264E0A0B7CBCF7C27C90D007568F4", "24788EE0E98DD110216E44ED965A5D9F543670037D32B049BA08AB2FCE99954B", "261D21204C9E2060DE70CAB5932236C5EFB2EE37E8BD5A2C64CC6F1DFE9C5D11", "26DFDDEA8EB90F9881D2DF1DF2281A85874E3DEDC9CAEBB69B263FC6408C7D49", "27D05CF3EFA4803263C8E1208A1231E86FFB57D4B4143C21D96897480161D556", "28E0CB5C99EA2D9D29E76348BDEA32969117AF8D0FAE1B64E67CFEE258A643A3", "292F5BAC93F853B8BBA2A930CAE27FA661DE46B781E89708C9F85D54E38DEFC3", "29FE721AD7A4963438359EC095572AFEF72FE29D59BAFE257194EF35A48CEB4C", "2E3576FC9DB523E4FB2CBA935633AE28BB3DCBE18A90FB77A0F3E1112A899144", "2F6D6F1C528741F14485F042B34A95DE694B60A3181908A18D87FD341EB6EA6C", "30A0E9F889B3548B9BD0339A7DD9F4F3D51821FE906234D247C17BB05B831873", "30E9FB4250193CA2C5AB02F5095C96F34F2044E06280324E18E38EEFD7C1490E", "3155E4C578E235596C383461692E605196F27EF7EBE1510C68AECA994099E83C", "3182625767F77414E4F551A3C35D21062B444542453E79F9D8C2AE1D16DA1DD8", "3488E915423ECEBD3018203FEB042F8318BC4BC8817DD4B6762443657F27D739", "34C62F8C9BA8A3F48C2C371F5DC178D685A81D56716C94C7C68D95273F0299F6", "37E104987DDBCB98288C981D0121D7E0E9C8345C5AF2BCE774DAAE155427E747", "391497C0561245DDD642355186334454720532967F235718B715C33BDAC8C78A", "3C5C2DC0C6FC28CCC7819C9A096664A68AA7EC71D69523DC99D44FC54A9CDBBE", "3CBFD550ACC21F55BA277385D55E9A5728E39670190F73721EF53E5BD91FBBBF", "3FE63A3F5C5015BF12CBC5431C7DB0BF49847105404A82C433D9F62224F6903F", "417B78DA055B353E1C4296014B7B196E84BCD416F841687102400D42FF10C754", "41CB9666A88AE67D4A0558674B8CFDA62F160B6DDCBA3C10576515447887CF12", "44AB81145F56D1DFCE25BD0377256BF4F249F090106634935902C6B2AB63091D", "4D64B63A4F0E352D01AE83B8439314D9AB2CE9D2A7C6840F1B20FFB4E0BD61A3", "4D7D6CE6B9BA698BFB9B758C15E38ED5972AE720478AC2AAD2A202C6748BA969", "4E6A04B12CD0B1B6DEFA7C6ABF7649A38727A95A07B1BD211B03B0BDF4022C04", "4E77D6807CCB5F39F0079A9612FD44F47C18AEBAF1D9AA7EBBCB816C3FD025B9", "506E8C92E0B76D834A33E4AE02E5206A0ABF28570630F6E4A780D13A5238D647", "511182968CEDB172B8730661A03A2F4C78BA383091EEAD7D8936E457AE6A6443", "557FEAA9FD49A623B36AA794CBD78D1D6EA826F1C2AEA89A3A506E39C9747F0D", "55B26E0461C3762CE34B9A024103EA4D7F7AB0CCFFF0990F7B7E24F913809384", "57F982DDC8E03D61C084B264B2F96B821210E01A5741363B87BC4BC12601EF3E", "5BB3B8EF53C6357C441C8592F64A284C30E9C1D6F5379087C40684A770A870AA", "5D661EA5B801079F3B7AF6D31A8566154E3150C1E3398EC1CFA32E9398BF38D3", "5D7B9C32ADDEC5820C2B88A1E661434F8E24A1888CE3125477B6824FF3D8DA5B", "5D920E9D5E204CFD2E98E2C7018611E5EB64DCF6A6E438058868CC33565AFED5", "5EB805FBA32A419246DDD86FFCA6C34246C092FCBCD8608B3ABC4B0A77FFDAA2", "5F63ABEFB797143F56BA76FEE84E3501E931CCBDCCE79A4A8D534956DD75AF3B", "624EC50571DDA528048438572DF31F565C12E5D78AC4A7054EB0C733BB3DA3C4", "643467CC62A4AA0827E72D95EDF8439DE29D565BBC4287107E15278272180D23", "6633AEA14C5B5430B41209886E7739DD57F4002A86E88200DD915838C1355A84", "6655F0CA454D34B530E468D672328E7DE915E373D5DF7A2E41376F7E2B588F5F", "6741052F2A7BCCF76F84825C9FE706D98BCF279A0C055A783796DC802C323E13", "67888E8EA83126B823C64DF445FE590186D22B46F294306313C37B870873F831", "6840E382EE942A9397B675871CFE07C9D9D7C263A5C99161F984424E4BA0BB61", "68C9A924DE162BF93100DE379E651BE25F0603409D7A4401BB7E28C5F636BDB3", "68F256DC5E144D5A2404101E56A66160645897F9BB7E8600047077C626B2FE43", "693E0AD85F6E19F2CA7356E03CABE34515DA0B593F3C3F3144F6F403F3141066", "69C147CB642B39AA3250947FC1868ED542CC9C2C3BED4BA821CAD9BA0F178E84", "6A69ACF0EE1811481AE8E3F5E1758736876A6CCE84E1581A12FFCCD1B7CD4F30", "6B543690A90E292F8431281EAF7C8B61CA43BDF8462824FA9587CA14A4287518", "6B7E183EC35674B746DB7086B6A65F4C3CF3F256A6A5F607AE65074E1355241E", "6DF2E72D03F9AA8435A0A58D154D82EDF5203309F8C81C42E35CBC71D2A79BDD", "6FBF074F8D8E8E6000FCF6488B84CA43AEFB7DEF10B2CEFF0E7D0AE1140ADA41", "7018EA10DE2465F2CED3EBD20C60B0C8CF98504CD285795F73CA24A2863F5465", "702EA7A7270B22201B759E4304BBA64A08CC2B2DB9B31A65BFE5F7B8EE68A000", "738000B8445D724BA90A3721AA90AF1E32A31E66429EC83FA370C038A4CDE8ED", "73DEE30800CCC9325D5F1586487B2795A5B59E4F564CA3DF38C3A192975E9546", "73EAFB98AF656367DD4CBD6C4D9BDB98FBF39B358F625D93589F37D52771AA8D", "7473C0056DBBEF7C541ECDFB31E947DC1520282F5E0172B7C965A9DECA661856", "747C7023F8D283A88FE9778F37629C7BF2E2A7E5268A695905F9F28590BF76D3", "7518149B47C708BC85C48E7DCC6C884A795B049BDA62763731929AE94A2D74B5", "764D43B19DB882B179B2481514054E45C07FF586B99F1C4000C1226C3914117B", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "799E22A0B313A80AA913F26586384A61E5E0908C4DC4366D683B19D6B359930D", "79F27EA8D0C27492E095D11A78FA60F4F4AF9FD3E6253C90F069133418B26369", "7A1D4AFC62D444E93951F6A46CA35876DD42680BFCB9DD562AE0F80A2C338D67", "7AA351B847C7732E8B7AE01A83A77CC863325C3B53A57FDDE54F4DF8D16D14C1", "7CC29EC0FEC5AE2795B41685E99747E5F4622427116C32A61EDA1A96E00FB35D", "7CE0B3947D8196985B00E6EB61ED45938560312360058DDC3063CF3D7BE03A81", "7D41EC7322B1884F1456683D61F0429C832EB63621E340A85374D62A5B50036A", "7D4A2B8204853C2F9D7609FF18BDA1CA6FACC39361487DB8DDF6D40FB6E92420", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7F94C5CDDDC51ECE1C166F6CE37D2771A340AF5113460E54FEB1483857799253", "8029732ED0F09752998510B9F7DF2B4B6A11EE16C2878BAB607F0FDB9C437E82", "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "822A5D5DDFBAB14222D402C61CEAC1259D980506DB6102BD80EB619551AE1961", "8379030AC78250788BA6A1EC3EE817EC994974E9473C0EECB5D7ACD3FDDA8ED6", "8387CADEEB9AD0E38758303B1E6B37B37C256D2B869802656DF93547861A6E7D", "83AD6F5CAFB9C45D9169EC79DAD316AF1A872ADE2380EB094BA1BF97BED4BFDE", "873E4E7D31B3D0678D775F72B794EC936D165E1CF0679FF3C31754D430863C36", "88B2960ACDA41F47CBFD8BC7C1E9CCA61BDAE7F4F0D0022EF5DD572B5CE173B5", "88BEF8D462F9F45D43371BBC22C02A72C821C23EF01CD835DCD90CD91B6DEFC1", "8B1D9C3BB3CE6364BD0FE7732D06F394D6218ADAB37D1876856BEEE8923DFA4A", "8B3A7050651CC6061B73CF1E86EE2419DD50F4F27FC07E4130D25ADDF14EFCF8", "8B5BD9969FEA68AF3C45FDA3DB03870CCDA9156F542B0046F1CE349090DB826D", "8D1076175653373CF0972E3AB3E49C700B9C36E8D89205B4EAF9845AB1E9DC6F", "8D902B719598684128A34639AA16F1EDF6856E69A3A9FD47AE77E5043BF92C99", "8DF9A8E408DDD53ACE9BBB12309922440D3663888328A730ADDC42264249FC7B", "8E830A705E9625551CC04A65CE871921C56AF78FC9C95A3F3F0004441F342FED", "8EFB8A654D3536DD4481500A7680D75E0B2A04D2F63C829CAE130B12A35D7ED3", "902F7607CB7B0F5850701264764BF02D898EFF65A72CDC73B37E92F64BCCBCDB", "906B64791AA71F432F14BB58CCAEE6A9622AD741C3E459C5C2594F4C546B7BA9", "91D7C6C9A5739FEE5F42D389A6790AF75591DE3F4B00792DEC9B2F9736C9AA92", "924107D9B02B18393D3A9C581C7A30F6BF2CE559C23EC57F1E3C3A0DD8F4C7FB", "92A25ACC7CA97D427DA5F098FEAD958217F50C6C07BA13888E0C08A046DD5DA3", "95B1F80B256487D0B1138355698820E492933E1B787C86EB0300B5F6C159070B", "964EE2C764F7458340F9E5F9A309885284E9AF6B8CDA79E5C6C2B4DC7B69EFA7", "9B0F66C4EFFAAF9FDB1B504C2B624740D85D778570BFE202D803740E0C99076C", "9C638946C07968147BC89DE8BAE5211C4767A334F7213E99654F7C02ADD0E910", "9D535841DFB625485F828C1AD532A5F722DFDE1766DF97C23C9B7A1E20BF46B4", "9DF953BC7DECA4AEB37E6E5B0033CA33D3284BD52F59162C055604134EA029E5", "9E08A11DD23150C79E969A8FA933F7C903468F74CE144600AC32149CD9CCC3CD", "9E6FA1F3A9A1191971251B93D23C36DEAAB0788ADEF80DBC0987592BC5E6D5C3", "9FD1AC6E7F93ABD6198F576C4AC025E8DFA5007533DBD2FE78CC5BE3497FF3D6", "A0B4098936C66E228AC654C663118F5F0E7E0914D4F2BB96A80428BB72E88742", "A0DA60B6875AE87AD557CCAE1AAF020757185304D5D1246DA18673A711319E91", "A13D8E66D7296C6851E5FD3A79983B0714CFCBDD4D8CE2D2BA543E342E028FB7", "A150C2E017839DE1F5CBC686332D12515358F881E715C75E1B2D5509C5D5362A", "A1680316198638EA55AFA837EE37AE44184E9B8BCA2B9FD668F06E417908DF87", "A3752C1A8387F15196CA7D38FEBCF0DB0EFEE9BA80E9F901A057B44A5C47F353", "A37E5717689B00C6C5250CBA163458C6583896012F223709BE3E09BF9944B0DE", "A6A496B2E032EDA1F9C9B0D3982C6A52B7D925C02D0F2EFE157394C4851AEBA7", "A6D9D4111807AA4EB0126419E70851CE3116CAE1D7000C36A1B26DAEBCF4424F", "A74B006308C9A5B8978B427A12282CE7740E5A2E6AE2BE9AA3FC87E2CC5147EF", "A8769BC2B0DB66C792D9EFA7CBEF5668B22FB52A475E194FEB169B3B4BC31FD6", "AA4341CCBA4C26885B09D2F1E2A8320B8F40F9DD2D2B4201F7C7E24199579E80", "AAB14D78054A85A0638FC4EFD7F09686429CB02C6B45FF1ECAFA55C27A050635", "AD5C7F7150FBD846C587F5FAD0D7C7B48F81990F52A351F824E5CBBBAC83F163", "AEF7A95EE3DB6896F5C04951844A71B4C94EDDD29868D0C8038CC869982B4892", "AFD7DBF6EEC4522D8263C37017B0864C1F7BAB4FBD23EC03D38B2484DE07311A", "AFFC971A929ABC4A5177F4FBA7D32B82C0ACBC71AEFBBD3E440D08B12B022B51", "B1A68CACAA6679250CA76269F03D20A3A14E734FC434CC8F824869D436C7691E", "B1E783E91A97561EE54A4BE33B7D89DFD62A0102849652E6400BEB141CD42469", "B2BF691AA266FF88FFAD2044089D57580EE40D4E84146B077C5D55063FF15586", "B431011ABF67E8DD4F4E3E4C9F9FD0B1E6E07733191BA7206314070644F2CAF0", "B47B01CFCEE320F0AE033C32D22579706D0B59585EDEDF3D908CA06FA3E92084", "B4E820AD02AFA9A6FFF21A8A1E58FC3B4CCBE776135D3A61B5EEFABE2D5E6B0F", "B5810DD31544DECD338CCD71F5C05C78B267068FE3FD01928B5545B05BEE5FA0", "B58992EA53B96C8C776B82848FDB98622967C138FC24D243C68CB7F40B73EE4E", "B5B313A73D0B335F18892EC4196F2ABB099764E6FF53E09B6A30800B58EACAB5", "B97713A9D1C3353360B57D1AD1EC137AB7A100FBE009625EB3FD31558B3B3304", "BA4185EFC85E26A08AB57ADBAA3A45DD6AD2DB5D4C5B073C7F980FF5D77C4DE0", "BBA20026A90E4F85555F0C8BD6248AE07F7DE01D687CD62F0159CF4B22E7DA25", "BCA4DDDC22FE85DAB9D2E5ADDAEAD6563E17D19717B4C182BB170A0C9FFE053A", "C2D7FDE6929D1789B9A1618D087E5DCB3FC2780B2EC1CA3CFF40FDF3AD014A8E", "C3C5FE937F9B39A4332DECDB77B6C1455F6CC418EFB6C64C1E780755E7FD1E3B", "C3CC9C6067F468B5E8ED9105BE61107CCE29495A0D130C16712741E71E88E9E5", "C5300EA28DA92FE5400667667270AEE539B4648C41D04FA7B270FB33DE4673B6", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "C69647146C8A4405C9EC9ED2FB39442FE3398CC6836DB5B0631585B94D9D4079", "C717E3C358B1EA0AC9E1701DBA722015744796BC3CBA66E7AD79D30CEB45BD60", "C95EF271B0237B71243BDA3549504EB22E0DD9DED53FF9746E19657C0AFA1DB6", "CA643463AA3DD27CF347651D7B084BEA39601B3E21A99AD0FE90A4163037F126", "CB1A96B060B639265D7CCD4E0C186EA367A7C82E1756FDF32E57D9F350AD3873", "CB2FE0501D66CCAFD24272A9B3057D9AF493BB73E63B4F14928A1DCC9D22A51B", "CBDB352135F35E50D1EDF94C431A5A57B2DE17935CB3F0D6B7B9FF3C9FE7A3B7", "CD830B69FCF725D31185573C52F166739E409761B2F08F350213C1F2D7933098", "CDB95A8580AD247B239607B2769A506C10A81055AF8F4063AA0D26A850A33B58", "CDF06F9CE941D8BA4EB50A4537C60963F9E723DC6C21E570A655A0FCA0A6764A", "CEBCA68E903EDA603D607844229DFCF4454411F02836A215BCE53BF108AD589B", "CFDD5A9C7B8C9F6AFEAF6B1C68FF8C11BEADF52EE2E731CBCD194CACB1898BD6", "D0C2BBF5E828BE52CE92F28682B6950B3B526488699E5EB08A2EE2EB5B1D4C35", "D1B56895A302CB106810B80548010A8993C467A6D8B6EA61EB430703400A5ED8", "D21F7F512A88CA9BDAC1DDEC3EC46B827F8888D53EFBD5E335A27023C7A16EB9", "D406490E70A52CFB0315F27FCD957BFAE7E7B2887A6C73BE83E3F514F1153348", "D4552FDC70931CD8B4AD1900AAFD91F4395F28D6E61914A873226147AFDAF729", "D568FA3B382C6BE9CD6C3F6692E51D4BA042C287F4A6C7DFC1395A1EE4BFA175", "D64BC5FE778E62F52FAF1A558C46AB9C63D2D06A74FDE22CC1A16BB67C6A0E8C", "D677F4DB1390FE714B817B24CE7D654078B51BA146F6C4537E43D85D3A2B0CC2", "D86D8C366E2D62A174FC13CC280E324FC50FDC33BE3CAC167AB7E803409C8C2E", "D908DDC72AA29C650430DBB0140A05335CA1A6D3BD0D4034C54B4E2D80DB9EB9", "D9425756DF631BB7CA03B3451BD1F9C557325B8A2BB0CD34A22102962A0F4213", "D9DA80F42942BF2AE861A25807D73FB3CC5278F385F44A69EDF3332A73B6B7A7", "DA815A7C4A42ED491F84873B4248BBC6BF0CD175F8AA4219C89E764FB61FECD4", "DE0FD4B46D08CEF1DEAA575A9047B1B4606E41D3DD7B29408B8769EA341B71D5", "DE8C5DCB7F07498942725CF8F7905DBA001C7B89D3D36370CC303A274CB9A8EB", "DEAB63B690E03D8E8203ACA19836C2D36A8ED9D5C66A32CCF4F7F6B6C9F8DE84", "E2AA9B11D88890FE4ED3C245CC3A519ACAAD11F11F032D2AE032FE428B8C4012", "E2B86254D720126A86E0D868B69F73304F67BBA828605033D214DA145B7078F4", "E2E1AB8B9E10CF0970D428552F10FD3FEA7D405315E7CCA6431E3F0E8079B159", "E46E249A2A7ED001BEF59F483830A2690EC2B94A16D5E8A1028E94B1AA23DA4C", "E5029DD7DA3FDCEAB13FDB9D0B634A06F7F47565C556ABBCC97B9CB137EEA1A2", "E648FE893730BFA7050949B16F8159E217D9122952837F128792CC653052A172", "E6EE20198BD4C32711820E67FB3A052C1C4BCF0D11A5A4BBA683215A3FA5825E", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "E7B26BFFEBAF5940128604225876F93CFFC27DB258C37295462DEA72EAA99A13", "E7FB5735ADA60C1184A568F1F506520CF55F0E3A61B381ABCF4FF3C5090C8998", "E8302DECE1CECF16A05E7F8FBA08D33074F30279F18CDDBABA912B9C9DF9F32D", "E8825B71ACE31BFAA5662E2357C5EEB425BA842AC21E60C761364799BFD2FEE3", "E8BA6A75873A4594BE92FFE48C361848E9581DAA153EABDC1D071E1A59172338", "ED962C022CE6B7157A6A1DC3A2A82F64E0886D5E173F3FA15D86D6E90286EBBF", "EE31BACFE4E2531B3AC2273027A23C49C59978284694658A79B4BC6797F86ACB", "F02EA1DD204629897DA1861F147A272B72A3FA34A5315D58B896A636EAE341F5", "F0A55A55FE75D7879ACE84F93E653F8A50B8249B2C7592738EB4BD78485CC785", "F1319E2508F5C112B37A4A6D292A000AB7AB824FB75E0C9F8948F655DFA754E6", "F20FBF9D136DA66B16B24CC6A66369A721A4C8C12FA296FC3E2278352AA17707", "F2C60EF9E96AA9B7F20810A32ABE6C58279506718A61C2BD9D6A6DF787CD9EA7", "F35EB0C55F08CA4C671A4E6D2454A08936C6D1CD868709D0EE04FB71FFC263C1", "F50A6F6BA5B32FE7E7B5465ACFA2151CE81FE9DEB6C0E87419E72E0A87BE39EA", "F6697F7B335B13964F9055910F3DE232E816E18DF95389E89281CB35606768FB", "F80F79BA6DF67B9B276F50883A8B337A4582F3460556D772819BB4B8E40450AB", "F86E22B7D4364B00DDE20B4FC7BF8FBECA6DFB9BBB025F902E24119D4762DB2F", "F8F03C35A3C8AEA5027E6C01D991D7E1C3A4A0C9EAE0D875ACF760D1D56B8B9C", "F9ED99C3F4B2D868A3826BA34135EFCC7EF1978329C535488F23E6CF98DA913D", "FACE47A144B851A6BB630C0FD63FA2BFBE0A19AFE0A7E1A993E530FC0BA6BE90", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A"]}, {"type": "kaspersky", "idList": ["KLA12407"]}, {"type": "mageia", "idList": ["MGASA-2023-0141"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:0A61417A438C7DDFAF7749BDD909CF11"]}, {"type": "nessus", "idList": ["AL2_ALAS-2022-1750.NASL", "ALA_ALAS-2022-1562.NASL", "ALA_ALAS-2023-1718.NASL", "ALMA_LINUX_ALSA-2022-0290.NASL", "APACHE_LOG4J_1_2.NASL", "APACHE_LOG4J_1_X_MULTIPLE_VULNERABILITIES.NASL", "APACHE_LOG4J_2_13_2.NASL", "CENTOS_RHSA-2017-2423.NASL", "CENTOS_RHSA-2021-5206.NASL", "CENTOS_RHSA-2022-0442.NASL", "DEBIAN_DLA-2065.NASL", "DEBIAN_DLA-2852.NASL", "DEBIAN_DLA-2905.NASL", "DEBIAN_DSA-4686.NASL", "DEBIAN_DSA-5020.NASL", "EULEROS_SA-2022-1276.NASL", "EULEROS_SA-2022-1330.NASL", "EULEROS_SA-2022-1744.NASL", "GENTOO_GLSA-202209-02.NASL", "JIRA_9_0_0_JRASERVER-73885.NASL", "LOG4J_VULNERABLE_ECOSYSTEM_LAUNCHER.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_30.NASL", "NUTANIX_NXSA-AOS-5_20_3_5.NASL", "NUTANIX_NXSA-AOS-5_20_4.NASL", "NUTANIX_NXSA-AOS-6_0_2_6.NASL", "NUTANIX_NXSA-AOS-6_1.NASL", "NUTANIX_NXSA-AOS-6_1_1.NASL", "OPENSUSE-2020-51.NASL", "OPENSUSE-2021-1612.NASL", "OPENSUSE-2021-1631.NASL", "OPENSUSE-2021-4111.NASL", "OPENSUSE-2021-4112.NASL", "OPENSUSE-2022-0038-1.NASL", "OPENSUSE-2022-0214-1.NASL", "OPENSUSE-2022-0226-1.NASL", "ORACLELINUX_ELSA-2017-2423.NASL", "ORACLELINUX_ELSA-2021-5206.NASL", "ORACLELINUX_ELSA-2022-0290.NASL", "ORACLELINUX_ELSA-2022-0442.NASL", "ORACLELINUX_ELSA-2022-9056.NASL", "ORACLELINUX_ELSA-2022-9419.NASL", "ORACLE_BPM_CPU_APR_2022.NASL", "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2022.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_APR_2022.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_APR_2022.NASL", "ORACLE_JDEVELOPER_CPU_APR_2022.NASL", "ORACLE_OATS_CPU_JUL_2023.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_OCT_2020.NASL", "ORACLE_TUXEDO_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2020.NASL", "REDHAT-RHSA-2017-1801.NASL", "REDHAT-RHSA-2017-2423.NASL", "REDHAT-RHSA-2017-2638.NASL", "REDHAT-RHSA-2017-2811.NASL", "REDHAT-RHSA-2017-3399.NASL", "REDHAT-RHSA-2020-3817.NASL", "REDHAT-RHSA-2021-5206.NASL", "REDHAT-RHSA-2021-5269.NASL", "REDHAT-RHSA-2022-0289.NASL", "REDHAT-RHSA-2022-0290.NASL", "REDHAT-RHSA-2022-0291.NASL", "REDHAT-RHSA-2022-0294.NASL", "REDHAT-RHSA-2022-0436.NASL", "REDHAT-RHSA-2022-0438.NASL", "REDHAT-RHSA-2022-0439.NASL", "REDHAT-RHSA-2022-0442.NASL", "REDHAT-RHSA-2022-0447.NASL", "REDHAT-RHSA-2022-0448.NASL", "REDHAT-RHSA-2022-0475.NASL", "REDHAT-RHSA-2022-0524.NASL", "REDHAT-RHSA-2022-1296.NASL", "REDHAT-RHSA-2022-1297.NASL", "REDHAT-RHSA-2022-5053.NASL", "REDHAT-RHSA-2022-5459.NASL", "REDHAT-RHSA-2022-5460.NASL", "SL_20211220_LOG4J_ON_SL7_X.NASL", "SUSE_SU-2020-14267-1.NASL", "SUSE_SU-2021-14866-1.NASL", "SUSE_SU-2021-4111-1.NASL", "SUSE_SU-2021-4112-1.NASL", "SUSE_SU-2021-4115-1.NASL", "SUSE_SU-2022-0212-1.NASL", "SUSE_SU-2022-0214-1.NASL", "SUSE_SU-2022-0226-1.NASL", "SUSE_SU-2022-14881-1.NASL", "UBUNTU_USN-4495-1.NASL", "UBUNTU_USN-5223-1.NASL", "UBUNTU_USN-5998-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704686", "OPENVAS:1361412562310852991", "OPENVAS:1361412562310892065"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUAPR2023", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2022", "ORACLE:CPUJAN2023", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2022", "ORACLE:CPUJUL2023", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-5206", "ELSA-2022-0290", "ELSA-2022-0442", "ELSA-2022-9056", "ELSA-2022-9419"]}, {"type": "osv", "idList": ["OSV:DLA-2065-1", "OSV:DLA-2852-1", "OSV:DSA-5020-1", "OSV:GHSA-2QRG-X229-3V8Q", "OSV:GHSA-3W6P-8F82-GW8R", "OSV:GHSA-65FG-84F6-3JQ3", "OSV:GHSA-F7VH-QWP3-X37M", "OSV:GHSA-FP5R-V3W9-4333", "OSV:GHSA-VWQQ-5VRC-XW9H", "OSV:GHSA-W9P3-5CR8-M3JJ"]}, {"type": "prion", "idList": ["PRION:CVE-2021-4104", "PRION:CVE-2022-23302", "PRION:CVE-2022-23305", "PRION:CVE-2022-23307"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:3FADA4B80DBBF178154C0729CFC1358F", "QUALYSBLOG:42335884011D582222F08AEF81D70B94", "QUALYSBLOG:5059D1C3913FB6542F3283A66F9B3A43", "QUALYSBLOG:A0F20902D80081B44813D92C6DCCDAAF", "QUALYSBLOG:D140886B3C4505719904327B06F12032"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:18D49792276E208F17E7D64BCE2FDEF6", "RAPID7BLOG:9CB105938BDE92F573A2DE68BC20CF46"]}, {"type": "redhat", "idList": ["RHSA-2017:1801", "RHSA-2017:1802", "RHSA-2017:2423", "RHSA-2017:2633", "RHSA-2017:2638", "RHSA-2017:2810", "RHSA-2017:2811", "RHSA-2017:2888", "RHSA-2017:2889", "RHSA-2017:3244", "RHSA-2017:3399", "RHSA-2017:3400", "RHSA-2019:1545", "RHSA-2020:2391", "RHSA-2020:3626", "RHSA-2020:3779", "RHSA-2020:3817", "RHSA-2020:5568", "RHSA-2021:0603", "RHSA-2021:1044", "RHSA-2021:5107", "RHSA-2021:5134", "RHSA-2021:5141", "RHSA-2021:5148", "RHSA-2021:5183", "RHSA-2021:5184", "RHSA-2021:5186", "RHSA-2021:5206", "RHSA-2021:5269", "RHSA-2022:0289", "RHSA-2022:0290", "RHSA-2022:0291", "RHSA-2022:0294", "RHSA-2022:0430", "RHSA-2022:0435", "RHSA-2022:0436", "RHSA-2022:0437", "RHSA-2022:0438", "RHSA-2022:0439", "RHSA-2022:0442", "RHSA-2022:0444", "RHSA-2022:0445", "RHSA-2022:0446", "RHSA-2022:0447", "RHSA-2022:0448", "RHSA-2022:0449", "RHSA-2022:0450", "RHSA-2022:0467", "RHSA-2022:0469", "RHSA-2022:0475", "RHSA-2022:0497", "RHSA-2022:0524", "RHSA-2022:0527", "RHSA-2022:0553", "RHSA-2022:0661", "RHSA-2022:1296", "RHSA-2022:1297", "RHSA-2022:1299", "RHSA-2022:5053", "RHSA-2022:5458", "RHSA-2022:5459", "RHSA-2022:5460"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-5645", "RH:CVE-2019-17571", "RH:CVE-2020-9488", "RH:CVE-2021-4104", "RH:CVE-2021-44228", "RH:CVE-2022-23302", "RH:CVE-2022-23305", "RH:CVE-2022-23307"]}, {"type": "rocky", "idList": ["RLSA-2022:0290"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0051-1", "OPENSUSE-SU-2021:1612-1", "OPENSUSE-SU-2021:1631-1", "OPENSUSE-SU-2021:4111-1", "OPENSUSE-SU-2021:4112-1", "OPENSUSE-SU-2022:0038-1", "OPENSUSE-SU-2022:0040-1", "OPENSUSE-SU-2022:0214-1", "OPENSUSE-SU-2022:0226-1"]}, {"type": "symantec", "idList": ["SMNTC-111264", "SMNTC-19793"]}, {"type": "thn", "idList": ["THN:1D10167F5D53B2791D676CF56488D5D9", "THN:76D7572EDBE770410D6F0518DAD8B0AD", "THN:933FE23273AB5250B949633A337D44E1"]}, {"type": "threatpost", "idList": ["THREATPOST:46837E7270195429E1D891848E911254"]}, {"type": "trellix", "idList": ["TRELLIX:7B9C31B3E2F1A079101A700230D5A5C0"]}, {"type": "ubuntu", "idList": ["USN-4495-1", "USN-5223-1", "USN-5223-2", "USN-5998-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-17571", "UB:CVE-2020-9488", "UB:CVE-2021-4104", "UB:CVE-2021-44228", "UB:CVE-2022-23302", "UB:CVE-2022-23305", "UB:CVE-2022-23307"]}, {"type": "veracode", "idList": ["VERACODE:22224", "VERACODE:25078", "VERACODE:33348", "VERACODE:33755", "VERACODE:33763", "VERACODE:33766", "VERACODE:3919"]}]}, "exploitation": null, "score": {"value": 0.9, "vector": "NONE"}, "epss": [{"cve": "CVE-2019-17571", "epss": 0.97471, "percentile": 0.99936, "modified": "2023-05-03"}, {"cve": "CVE-2020-9488", "epss": 0.0026, "percentile": 0.62236, "modified": "2023-05-03"}, {"cve": "CVE-2021-4104", "epss": 0.94101, "percentile": 0.98694, "modified": "2023-05-03"}, {"cve": "CVE-2022-23302", "epss": 0.00811, "percentile": 0.7931, "modified": "2023-05-03"}, {"cve": "CVE-2022-23305", "epss": 0.00357, "percentile": 0.67903, "modified": "2023-05-03"}, {"cve": "CVE-2022-23307", "epss": 0.01262, "percentile": 0.8357, "modified": "2023-05-03"}], "vulnersScore": 0.9}, "_state": {"dependencies": 1692211575, "score": 1692211938, "epss": 0}, "_internal": {"score_hash": "2d4c8da71f343246c60b2eef16b721bd"}, "affectedPackage": [], "vendorCvss": {"severity": "important"}}

{"ibm": [{"lastseen": "2022-04-14T23:40:47", "description": "## Abstract\n\nIBM Sterling B2B Integrator and Sterling Filegateway NOT Affected by CVE-2021-4104, CVE-2021- 44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305,CVE-2022-23302 and CVE-2020-9488 Exploit. \nSecurity Bulletin\n\n## Content\n\n**Summary**\n\nIBM Sterling B2B Integrator and Sterling Filegateway Products are NOT Affected by CVE-2021-4104, CVE-2021- 44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305,CVE-2022-23302 and CVE-2020-9488 Exploit\n\n**Vulnerability Details**\n\nAfter conducting extensive research product code base, it is determined that none of the products outlined below are vulnerable to CVE-2021-4104, CVE-2021- 44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302 and CVE-2020-9488.\n\n * IBM Sterling B2B Integrator\n * IBM Sterling Filegateway\n\n**Updated Wednesday, January 6, 2022**\n\nRefer to the IBM Sterling B2B Integrator and IBM Sterling Filegateway security bulletins for **additional information**:\n\n<https://www.ibm.com/support/pages/node/6527248>\n\n<https://www.ibm.com/support/pages/node/6537664>\n\n \n**Get Notified about Future Security Bulletins**\n\nSubscribe to [My Notifications](<http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n**References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\n**Related Information**\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Type\":\"MASTER\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS3JSW\",\"label\":\"IBM Sterling B2B Integrator\"},\"ARM Category\":[{\"code\":\"a8m50000000Cjy9AAC\",\"label\":\"Security-\\u003ESecurity Vulnerability\"}],\"ARM Case Number\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-03T20:50:59", "type": "ibm", "title": "IBM Sterling B2B Integrator and Sterling Filegateway NOT Affected by CVE-2021-4104, CVE-2021- 44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302 and CVE-2020-9488 Exploit", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-03-03T20:50:59", "id": "A150C2E017839DE1F5CBC686332D12515358F881E715C75E1B2D5509C5D5362A", "href": "https://www.ibm.com/support/pages/node/6538948", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T05:58:04", "description": "## Summary\n\nThe following security issues have been identified in the log4j-1.2.16.jar included as part of the IBM Operations Analytics - Log Analysis product.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9493](<https://vulners.com/cve/CVE-2020-9493>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLog Analysis| 1.3.x \n \n## Remediation/Fixes\n\nVersion| Fix details \n---|--- \nIBM Operations Analytics - Log Analysis version 1.3.x| Upgrade to Log Analysis version 1.3.7 Fix Pack 2 \nDownload the [1.3.7-TIV-IOALA-FP2](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&release=1.3.7&platform=All&function=fixId&fixids=1.3.7-TIV-IOALA-FP2_signed&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"1.3.7-TIV-IOALA-FP2\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-19T06:36:49", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in log4j-1.2.16.jar used by IBM Operations Analytics - Log Analysis", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-09-19T06:36:49", "id": "E46E249A2A7ED001BEF59F483830A2690EC2B94A16D5E8A1028E94B1AA23DA4C", "href": "https://www.ibm.com/support/pages/node/6606605", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T05:54:26", "description": "## Summary\n\nApache Log4j is used by IBM Sterling Order Management as part of its logging utility and we strongly recommend upgrading to the latest supported version of log4j that was released as part of the latest FixPack.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-9493](<https://vulners.com/cve/CVE-2020-9493>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Order Management| 10.0 \nIBM Sterling Order Management| 9.5.x \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading to the latest fixpack that has the upgraded version of log4j. Please note the fixpack only applies to IBM Sterling Order Management version 10 and if you are running IBM Sterling Order Management version 9.5 a product upgrade must be completed first. IBM Sterling Order Management version 9.5 reached end of support April 30, 2022.\n\nOrder Management installing Fix Pack 30 - <https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version#fp30>\n\nFix Pack 30 download location - [https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&amp;product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&amp;source=dbluesearch&amp;mhsrc=ibmsearch_a&amp;mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&amp;function=fixId&amp;parent=ibm/Other%20software](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&source=dbluesearch&mhsrc=ibmsearch_a&mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&function=fixId&parent=ibm/Other%20software>)\n\nmigrating to log4j2 - <https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-migrating-log4j2>\n\ncustomizing log4j2 - <https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-customizing-log4j2>\n\nRolling back log4j1 - <https://www.ibm.com/docs/en/order-management-sw/10.0?topic=log4j2-rolling-back-log4j1x>\n\n## Workarounds and Mitigations\n\nIBM strongly recommends addressing the vulnerability now by executing above steps in product version 10.0. Version 9.5 reached end of support as of April 30, 2022. If you need further clarifications regarding 9.5 end of support, log4j and version 9.5 please contact IBM support.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-20T18:18:17", "type": "ibm", "title": "Security Bulletin: IBM Sterling Order Management migration strategy to Apache Log4j vulnerability (see CVEs below)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-10-20T18:18:17", "id": "906B64791AA71F432F14BB58CCAEE6A9622AD741C3E459C5C2594F4C546B7BA9", "href": "https://www.ibm.com/support/pages/node/6830971", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T05:54:43", "description": "## Summary\n\nApache Log4j 1.x vulnerabilities may impact IBM InfoSphere Information Server which uses Apache Log4j for logging.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9493](<https://vulners.com/cve/CVE-2020-9493>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud| 11.7| [DT144440](<https://www.ibm.com/mysupport/aCI3p000000XjEi> \"DT144440\" ) \n| \\--Apply InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/docview.wss?uid=ibm10878310> \"11.7.1.0\" ) \n\\--Apply InfoSphere Information Server version [11.7.1.4](<https://www.ibm.com/support/pages/node/6620275> \"11.7.1.4\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-14T22:13:39", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Server may be affected by vulnerabilities in Apache log4j 1.x version", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-10-14T22:13:39", "id": "E6EE20198BD4C32711820E67FB3A052C1C4BCF0D11A5A4BBA683215A3FA5825E", "href": "https://www.ibm.com/support/pages/node/6829357", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:03:18", "description": "## Summary\n\nApache Log4j is used by IBM Spectrum LSF Suite and IBM Platform Process Manager as part of its logging infrastructure. These vulnerabilities can be addressed by executing steps detailed in the Workaround section. These issues will be addressed in the next fix patch release 10.2.0.13 by end of July 2022.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9493](<https://vulners.com/cve/CVE-2020-9493>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Spectrum LSF Suite| 10.2.0.6, 10.2.0.7, 10.2.0.8, 10.2.0.9, 10.2.0.10, 10.2.0.11, 10.2.0.12 \nIBM Platform Process Manager| 10.2.0.6, 10.2.0.7, 10.2.0.8, 10.2.0.9, 10.2.0.10, 10.2.0.11, 10.2.0.12 \n \n\n\n## Remediation/Fixes\n\nFix Pack will be released once available. 10.2.0.13 will be available by Q2\n\n## Workarounds and Mitigations\n\nProduct | \n\nVRMF\n\n| \n\nAPAR\n\n| \n\nRemediation/First Fix \n \n---|---|---|--- \n \nIBM Spectrum LSF Suite\n\nIBM Platform Process Manager\n\n| \n\n10.2.0.6\n\n10.2.0.7\n\n10.2.0.8\n\n10.2.0.9\n\n10.2.0.10\n\n10.2.0.11\n\n10.2.0.12\n\n| \n\nNone\n\n| \n\nExecuting these steps will remove the vulnerbilities in log4j:\n\nRemove the JMSAppender.class, SMTPAppender.class, SMTPAppender$1.class, JMSSink.class, SocketServer.class, SimpleSocketServer.class and JDBCAppender.class from log4j-*.jar file\n\n1). find $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/JMSAppender.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/SMTPAppender.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/SMTPAppender\\$1.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/JMSSink.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/SocketServer.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/net/SimpleSocketServer.class \\;\n\nfind $JS_HOME -name \"log4j-*.jar\" -exec zip -q -d {} org/apache/log4j/jdbc/JDBCAppender.class \\;\n\n2). reboot service\n\njadmin stop\n\njadmin start \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-22T22:12:35", "type": "ibm", "title": "Security Bulletin: IBM Spectrum LSF Suite and IBM Platform Process Manager are vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-4104, CVE-2020-9488, CVE-2022-23302, CVE-2022-23307, CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-22T22:12:35", "id": "73DEE30800CCC9325D5F1586487B2795A5B59E4F564CA3DF38C3A192975E9546", "href": "https://www.ibm.com/support/pages/node/6597675", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:10:26", "description": "## Summary\n\nThere are multiple vulnerabilities in Apache Log4j (CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, and CVE-2022-23307) as described in the vulnerability details section. Apache Log4j v1 is used by Db2 Web Query for i for generating logs and diagnostic traces in some of its components. IBM has addressed the vulnerability in Db2 Web Query for i by upgrading to Apache Log4j 2.17. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Db2 Web Query for i| 2.2.0 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading. \n\n\nThe issues can be fixed by upgrading to a higher Db2 Web Query for i release level. \nDb2 Web Query for i release 2.2.0 is impacted. The fix is to upgrade to either release 2.2.1 or 2.3.0 and to apply the latest group Program Temporary Fix (PTF) for the release. \n\nUpgrade to release 2.2.1 or 2.3.0 depending on the IBM i release level: \n\n\n \n\n\n| \n\nIBM i 7.4\n\n| \n\nIBM i 7.3\n\n| \n\nIBM i 7.2\n\n| \n\nIBM i 7.1 \n \n---|---|---|---|--- \n \nDb2 Web Query for i \n\n\n| \n\n2.3.0\n\n| \n\n2.3.0 \n\n\n| \n\n2.2.1 \n\n\n| \n\n2.2.1 \n \n \n\n\nThe group PTF numbers and minimum required levels for the fix for each IBM i release are: \n\n\nDb2 Web Query for i \n\n\n| \n\nIBM i 7.4\n\n| \n\nIBM i 7.3\n\n| \n\nIBM i 7.2\n\n| \n\nIBM i 7.1 \n \n---|---|---|---|--- \n \n2.3.0 \n\n\n| \n\nSF99654 level 4 \n\n\n| \n\nSF99533 level 4 \n\n\n| \n\nN/A \n\n\n| \n\nN/A \n \n2.2.1 \n\n\n| \n\nSF99653 level 12 \n\n\n| \n\nSF99433 level 12 \n\n\n| \n\nSF99434 level 12 \n\n\n| \n\nSF99435 level 12 \n \n \nFor information on upgrading to Db2 Web Query for i release 2.2.1 or 2.3.0, refer to the Installation and Upgrades link at <https://ibm.biz/db2wq-wiki>. \n\nGroup Program Temporary Fixes (PTFs) can be downloaded from [https://www.ibm.com/support/fixcentral/.](<https://www.ibm.com/support/fixcentral/>)\n\n_Important note: IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-25T14:48:34", "type": "ibm", "title": "Security Bulletin: Due to use of Apache Log4j, IBM Db2 Web Query for i is vulnerable to arbitrary code execution (CVE-2021-4104, CVE-2022-23302, and CVE-2022-23307) and SQL injection (CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-01-25T14:48:34", "id": "6B7E183EC35674B746DB7086B6A65F4C3CF3F256A6A5F607AE65074E1355241E", "href": "https://www.ibm.com/support/pages/node/6550822", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:07:51", "description": "## Summary\n\nApache-Log4j - CVE-2021-4104, Apache-Log4j - CVE-2022-23302, Apache-Log4j - CVE-2022-23305, Apache-Log4j - CVE-2022-23307\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nTNPM| 1.4.x \n \n## Remediation/Fixes\n\nBelow are the CVE Details -\n\n**# Apache-Log4j - CVE-2021-4104 :** \nA flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint.\n\n**# Apache-Log4j - CVE-2022-23302 :** \nA flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.\n\n**# Apache-Log4j - CVE-2022-23305 :** \nA flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.\n\n**# Apache-Log4j - CVE-2022-23307 :** \nA flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.\n\n**These are the mitigation steps for the above mentioned issues :**\n\n * Comment out or remove JMSAppender, JMSSink, JDBCAppender in the Log4j configuration if it is used. There can be other log4j.xml files if configured additionally on customer's environment apart from below mentioned xmls.[Here $WMCROOT=/appl/virtuo (Virtuo Directory)] \n\n 1. $WMCROOT/as/server/default/conf/log4j.xml\n 2. $WMCROOT/conf/logging/cli/log4j.xml\n * Remove the JMSAppender, JMSSink, JDBCAppender class and Chainsaw classes from the classpath. \n\n 1. Take backup of below used log4j jars\n 2. Stop all the application services - as, asd, alarmcache, nccache and loader instances (as these components could be using log4j)\n 3. Execute the following command - \n\n 1. zip -q -d log4j*.jar org/apache/log4j/net/JMSAppender.class \n 2. zip -q -d log4j*.jar org/apache/log4j/net/JMSSink.class \n 3. zip -q -d log4j*.jar org/apache/log4j/jdbc/JDBCAppender.class \n 4. zip -q -d log4j*.jar org/apache/log4j/chainsaw/* \n 4. JMSAppender.class, JMSSink.class, JDBCAppender.class and Chainsaw classes can be found in following locations - [Here $WMCROOT=/appl/virtuo (Virtuo Directory)] \n\n 1. $WMCROOT/as/client/log4j.jar\n 2. $WMCROOT/as/lib/log4j-boot.jar\n 3. $WMCROOT/as/server/default/lib/log4j.jar\n 4. $WMCROOT/lib/tp/log4j.jar\n 5. Start all the services which were stopped in step #2\n * Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.\n\n## Workarounds and Mitigations\n\nFor an external (e.g. internet facing) attacker to exploit the aforementioned vulnerabilities is likely to have less possibility as as the application is deployed on local servers.\n\nVulnerability components/classes mentioned previously are not enabled by default, are not used in our application, and can be disabled. So the attack vector is greatly reduced as it depends on an attacker having to write access to compromise the configuration. Additionally, the application admin can change user permissions of respective files and restrict users.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-19T08:40:04", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j affects IBM Netcool Performance Manager", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-03-19T08:40:04", "id": "92A25ACC7CA97D427DA5F098FEAD958217F50C6C07BA13888E0C08A046DD5DA3", "href": "https://www.ibm.com/support/pages/node/6538352", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:04:28", "description": "## Summary\n\nMultple vulnerabilities exist in Apache log4j that could allow someone to execute arbitrary code on the system. Apache Log4j v1 is used by Cloud Pak System in order to generate logs and diagnostic traces in some of its components; IBM DB2 , IBM Tivoli Monitoring, IBM Spectrum Scale and IBM WebSphere Application Server. IBM Cloud Pak System has addressed these vulnerabilities. This security bulletin applies to Cloud Pak System, Cloud Pak System Software and Cloud Pak System Software Suite.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nSystems: W3500, W550 and W4600\n\nMain Product(s) Version(s)\n\n| \n\nVersion(s)\n\n| \n\nAffected Supporting Products Version(s) \n \n---|---|--- \n \nIBM Cloud Pak System \n\n| \n\nv2.3, v2.3.0.1, v2.3.1.1\n\n| \n\nNotice DB2 LUW 10.5 and DB2 LUW 11.1 end of support as per Withdrawal Announcements [ 920-049](<https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS920-049>) and [918-138 ](<https://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS918-138/index.html&request_locale=en>)respectively. \n \nIBM Cloud Pak System \n\n| \n\nv2.3.2.0, v2.3.3.1, v2.3.3.2, v2.3.3.3, v2.3.3.3 interim fix 1\n\n| \n\nDB2. LUW 11.5 \n \nIBM Cloud Pak System Software Suite\n\n| \n\nv2.3, v2.3.0.1, v2.3.1.1\n\n| \n\nNotice DB2 LUW 10.5 and DB2 LUW 11.1 end of support as per Withdrawal Announcements [ 920-049](<https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS920-049>) and [918-138 ](<https://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS918-138/index.html&request_locale=en>)respectively. \n \nIBM Cloud Pak System Software Suite\n\n| \n\nv2.3.2.0, v2.3.3.1, v2.3.3.2, v2.3.3.3, v2.3.3.3 interim fix 1\n\n| \n\nDB2. LUW 11.5 \n \n \n\n\n## Remediation/Fixes\n\nFor unsupported version/release/platform IBM recommends upgrading to a fixed, supported version of the product. \n\nApache log4jv1 is vulnerable to CVE-2021-4104 in non default configuration if applications use JMSAppender class which is not the default for Cloud Pak System. Cloud Pak System log4jv1 instances updates to log4j v2.17.1 with IBM Cloud Pak System v2.3.3.4. Cloud Pak System DB2 updated to V11.5.7 special build. Tivoli Monitoring ( ITM) updated to ITM 6.3.0.7 Interim fix 2a, IBM Spectrum Scale (5.0.5.12) ptype 1.2.19.0 and er support for WebSphere Application Server 8.5.5.21 and 9.0.5.11 Was Liberty 22.0.0.3.\n\nIBM strongly recommends addressing the vulnerability by upgrading to the latest fixed supported release of the product.\n\nFor IBM Cloud Pak System V2.3.0 through to V2.3.3.3 Interim Fix 1 upgrade to Cloud Pak System V2.3.3.4 at [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.3&platform=All&function=all>)\n\nInformation on upgrading at : <http://www.ibm.com/support/docview.wss?uid=ibm10887959>\n\nIf you are using product pattern type (pType), please refer to the security bulletin for that specific product.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-30T10:03:47", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Apache Log4j affect IBM Cloud Pak System", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-30T10:03:47", "id": "D9DA80F42942BF2AE861A25807D73FB3CC5278F385F44A69EDF3332A73B6B7A7", "href": "https://www.ibm.com/support/pages/node/6590835", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:04:08", "description": "## Summary\n\nIBM Netezza Analytics uses Log4j version 1.x. IBM Netezza Analytics has addressed the aplicable CVEs\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-21704](<https://vulners.com/cve/CVE-2022-21704>) \n** DESCRIPTION: **log4js-node module for Node.js could allow a local authenticated attacker to obtain sensitive information, caused by an issue with the default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable. By gaining access to the log files, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217832](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217832>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netezza Analytics| All versions &lt;= 3.3.10 \n \n## Remediation/Fixes\n\nProduct| VRMF| Remediation/First Fix \n---|---|--- \n \nIBM Netezza Analytics\n\n| 3.4.0| [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FNetezza+Applications&release=ANALYTICS_3.4&platform=All&function=fixId&fixids=3.4.0.0-IM-Netezza-ANALYTICS-fp11044> \"Link to Fix Central\" ) \n \nNote: IBM Netezza Analytics addresses above CVEs by removing log4j from IBM Netezza Analytics.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-03T14:32:29", "type": "ibm", "title": "Security Bulletin: Log4j vulnerabilities affect IBM Netezza Analytics", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2021-4104", "CVE-2022-21704", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-03T14:32:29", "id": "37E104987DDBCB98288C981D0121D7E0E9C8345C5AF2BCE774DAAE155427E747", "href": "https://www.ibm.com/support/pages/node/6554466", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-07-25T05:38:40", "description": "## Summary\n\nMultiple vulnerabilities exist in the Apache Log4j open source library used by IBM Security Access Manager for Enterprise Single Sign-On. These vulnerabilities have been addressed. Customers are encouraged to immediately update their systems.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2023-26464](<https://exchange.xforce.ibmcloud.com/vulnerabilities/249785>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a denial of service, caused by a flaw when using the Chainsaw or SocketAppender components. By sending a specially crafted hashmap or hashtable, a remote attacker could exploit this vulnerability to exhaust available memory in the virtual machine, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/249785](<https://exchange.xforce.ibmcloud.com/vulnerabilities/249785>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-23302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9493](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17571](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-4104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Access Manager for Enterprise Single-Sign On| 8.2.2 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly by applying Fix Pack 15 on IBM Security Access Manager for Enterprise Single-Sign On version 8.2.2 as per the details available [here](<https://www.ibm.com/support/pages/node/7009621> \"here\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-07-25T04:26:28", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Apache Log4j affects IBM Security Access Manager for Enterprise Single Sign-On", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2023-26464"], "modified": "2023-07-25T04:26:28", "id": "873E4E7D31B3D0678D775F72B794EC936D165E1CF0679FF3C31754D430863C36", "href": "https://www.ibm.com/support/pages/node/7014395", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:04:09", "description": "## Summary\n\nIBM Netezza Analytics for NPS uses Log4j version 1.x. IBM Netezza Analytics for NPS has addressed the aplicable CVEs\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-21704](<https://vulners.com/cve/CVE-2022-21704>) \n** DESCRIPTION: **log4js-node module for Node.js could allow a local authenticated attacker to obtain sensitive information, caused by an issue with the default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable. By gaining access to the log files, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217832](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217832>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netezza Analytics for NPS| All versions &lt;= 11.2.23 \n \n## Remediation/Fixes\n\nProduct| VRMF| Remediation/First Fix \n---|---|--- \n \nIBM Netezza Analytics for NPS\n\n| 11.2.24| [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private+for+Data+System&release=INZA_11.2&platform=All&function=fixId&fixids=11.2.24-WS-ICPDS-INZA-fp10905> \"Link to Fix Central\" ) \n \nNote: IBM Netezza Analytics for NPS addresses above CVEs by removing log4j from IBM Netezza Analytics for NPS.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-03T14:32:29", "type": "ibm", "title": "Security Bulletin: Log4j vulnerabilities affect IBM Netezza Analytics for NPS", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2022-21704", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-03T14:32:29", "id": "B97713A9D1C3353360B57D1AD1EC137AB7A100FBE009625EB3FD31558B3B3304", "href": "https://www.ibm.com/support/pages/node/6551856", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:07:22", "description": "## Summary\n\nIBM App Connect Enterprise &amp; IBM Integration Bus are vulnerable to arbitrary code execution due to Apache Log4j (CVE-2022-23307, CVE-2022-23302) and SQL injection due to Apache Log4j (CVE-2022-23305). This affects the logging infrastructure in IBM App Connect Enterprise and IBM Integration Bus. The fix includes Apache Log4j v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM App Connect Enterprise | V12.0.1.0 to V12.0.3.0 \nIBM App Connect Enterprise| \n\nV11.0.0.0 to V11.0.0.15\n\nAlso affects IBM App Connect Enterprise Toolkit \n\nV11.0.0.0 to V11.0.0.16 \n \nIBM Integration Bus| V10.0.0.6 to V10.0.0.25 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by the applying the appropriate fix to IBM Integration Bus/IBM App Connect Enterprise. **\n\n**In addition, apply the appropriate remediation to IBM Integration Bus Toolkit/IBM App Connect Enterprise Toolkit. \n**\n\n \nNote: This supersedes APARs IT39377 and IT39458\n\n**Product(s)**\n\n| \n\n** **\n\n**Version(s)**\n\n| **APAR**| \n\n**Remediation / Fix and Instructions \n** \n \n---|---|---|--- \nIBM App Connect Enterprise \n| V12.0.1.0 to V12.0.3.0| IT39515| \n\nInterim APAR fix for Windows is available from\n\n[12.0.3.0 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.3.0&platform=Windows+64-bit,+x86&function=aparId&apars=IT39515> \"\" )\n\n[12.0.2.0 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.2.0&platform=Windows+64-bit,+x86&function=aparId&apars=IT39515> \"\" )\n\n[12.0.1.0 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.1.0&platform=Windows+64-bit,+x86&function=aparId&apars=IT39515> \"12.0.1.0 IBM Fix Central\" )\n\nInterim APAR fix for the following platforms is available from [IBM Fix Central ](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.3.0&platform=All&function=aparId&apars=IT39515> \"\" )\n\n * Linux x86-64\n * AIX\n * Linux on System z\n * Linux on Power Little Endian \n \nIBM App Connect Enterprise \n| V11.0.0.0- V11.0.0.15| IT39515| \n\nInterim fix for APAR is available for v11.0.0.10-11.0.0.15 from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=11.0.0.15&platform=All&function=aparId&apars=IT39515> \"IBM Fix Central\" ) \n \nIBM Integration Bus \n| V10.0.0.6 to V10.0.0.25| IT39515| \n\nInterim fix for APAR is available for 10.0.0.25 from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=10.0.0.25&platform=All&function=aparId&apars=IT39515> \"IBM Fix Central\" ) \n \n**Remediation to the IBM Integration Toolkit V10 and IBM App Connect Enterprise Toolkit V11, V12**\n\nDelete the following file: \n$MQSI_FILEPATH/tools/plugins/org.apache.log4j_&lt;version&gt;.v&lt;datestamp&gt;.jar \n \nWhere version is a 3 digit log4j version number and &lt;datestamp&gt; is the build date of the plugin. \n\n * **For example**: org.apache.log4j_1.2.15.v201012070815.jar \n \nNote that after applying this remediation it is not possible to install new patterns in the pattern explorer or install new features / software using the eclipse \"Install Software or Update\" dialog boxes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-01T12:22:27", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to arbitrary code execution due to Apache Log4j (CVE-2022-23307, CVE-2022-23302) and SQL injection due to Apache Log4j (CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-01T12:22:27", "id": "E648FE893730BFA7050949B16F8159E217D9122952837F128792CC653052A172", "href": "https://www.ibm.com/support/pages/node/6568731", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:07:59", "description": "## Summary\n\nApache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. The latest patch upgraded to Apache Log4j 2.17.1 that remediates the security vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integrations - Probe DSL Factory Framework| probe-dsl-framework-1_0 up to and including probe-dsl-framework-7_0 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now. **\n\nUpdated Product(s)| Version(s)| Remediation/Fix/Instructions \n---|---|--- \nIBM Tivoli Netcool/OMNIbus Integrations - Probe DSL Factory Framework| probe-dsl-framework-7_2| Refer to [release notice](<https://www.ibm.com/support/pages/node/727019> \"release notice\" ) for the part number of the new package and instructions for Apache Log4j upgrade \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-16T02:35:57", "type": "ibm", "title": "Security Bulletin: Due to use of Apache Log4j, IBM Netcool/OMNIbus Probe DSL Factory Framework is vulnerable to arbitrary code execution (CVE-2022-23302, CVE-2022-23307) and SQL injection (CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-03-16T02:35:57", "id": "014D42A4B1AF0BC556DD624E07D6BCF5E9F2F23FCE02471BB3F58278DF2FF765", "href": "https://www.ibm.com/support/pages/node/6563857", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:09:17", "description": "## Summary\n\nMultiple vulnerabilities exist in the Apache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) library used by IBM WebSphere Application Server in the Admin Console and UDDI Registry application. The same Apache library is also used by the IBM WebSphere Application Server Liberty for z/OS in features zosConnect-1.0 and zosConnect-1.2. All vulnerabilities have been addressed previously by removing all existing Apache Log4j versions.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n**DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n**DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n**DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)** | **Version(s)** \n---|--- \nIBM WebSphere Application Server | 9.0 \nIBM WebSphere Application Server | 8.5 \nIBM WebSphere Application Server | 8.0 \nIBM WebSphere Application Server | 7.0 \nIBM WebSphere Application Server Liberty | 17.0.0.3 - 21.0.0.12 \n \n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerabilities now by applying a currently available interim fix or fix pack that contains APAR PH42762. The interim fix PH42762 was provided previously with [Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty (CVE-2021-4104, CVE-2021-45046)](<https://www.ibm.com/support/pages/node/6526750> \"Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty \\(CVE-2021-4104, CVE-2021-45046\\)\" ) and the interim fix PH42762 addresses these vulnerabilities for the affected IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. \n\n**For IBM WebSphere Application Server Liberty 17.0.0.3 - 21.0.0.12 using the zosConnect-1.0 or zosConnect-1.2 feature:**\n\n\u00b7 Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix [PH42762](<https://www.ibm.com/support/pages/node/6526686> \"PH42762\" ) \n\\--OR-- \n\u00b7 Apply Fix Pack 22.0.0.1 or later.\n\n**For IBM WebSphere Application Server traditional:**\n\n**For V9.0.0.0 through 9.0.5.10:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix [PH42762](<https://www.ibm.com/support/pages/node/6526686> \"PH42762\" ) \n\\--OR-- \n\u00b7 Apply Fix Pack 9.0.5.11 or later (when available). \n\n**For V8.5.0.0 through 8.5.5.20:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix [PH42762](<https://www.ibm.com/support/pages/node/6526686> \"PH42762\" ) \n\\--OR-- \n\u00b7 Apply Fix Pack 8.5.5.21 or later (when available).\n\n**For V8.0.0.0 through 8.0.0.15:** \n\u00b7 Upgrade to 8.0.0.15 and then apply Interim Fix [PH42762](<https://www.ibm.com/support/pages/node/6526686> \"PH42762\" ) \n\n\n**For V7.0.0.0 through 7.0.0.45:** \n\u00b7 Upgrade to 7.0.0.45 and then apply Interim Fix [PH42762](<https://www.ibm.com/support/pages/node/6526686> \"PH42762\" ) \n\n\nAdditional interim fixes may be available and linked off the interim fix download page.\n\nAfter applying the interim fix, follow the **Required next steps** provided previously with [Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty (CVE-2021-4104, CVE-2021-45046)](<https://www.ibm.com/support/pages/node/6526750> \"Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty \\(CVE-2021-4104, CVE-2021-45046\\)\" )\n\n_IBM WebSphere Application Server V7.0 and V8.0 are no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nIf the interim fixes in PH42762 cannot be applied immediately, and the mitigation steps have not been applied previously for [Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty (CVE-2021-4104, CVE-2021-45046)](<https://www.ibm.com/support/pages/node/6526750>), then follow the temporary mitigation steps for WebSphere Application Server traditional in [Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server and IBM WebSphere Application Server Liberty (CVE-2021-4104, CVE-2021-45046)](<https://www.ibm.com/support/pages/node/6526750>). Due to the severity, complexity, and evolving nature of the situation, no mitigation is recommended as a substitute for applying the interim fix.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-17T17:01:30", "type": "ibm", "title": "Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to arbitrary code execution and SQL injection due to Apache Log4j. (CVE-2022-23302, CVE-2022-23307, CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2021-45046", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-17T17:01:30", "id": "18A47CF24DAFF468D1B3E48E56A7C723BAAB5077F0C1ED2DC22653DD05320A38", "href": "https://www.ibm.com/support/pages/node/6557248", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:01:11", "description": "## Summary\n\nDocker CLI (CVE-2021-41092) is vulnerable to attacks to obtain sensitive information. Docker CLI is used by IBM Spectrum Discover as part to the infrastructure to manage the images and containers in the system. Apache Log4j (CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) is vulnerable to attackers to execute arbitrary code to view, add, modify or delete information in the databases. Apache Log4j is used by IBM Spectrum Discover to authenticate inside to the modules of Apache kafka to log events. The fix include upgrade Apache Log4j to v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41092](<https://vulners.com/cve/CVE-2021-41092>) \n** DESCRIPTION: **Docker CLI could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when running \"docker login my-private-registry.example.com\" command with a misconfigured configuration file. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210712](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210712>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s**) \n---|--- \nIBM Spectrum Discover| 2.0.4 \nIBM Spectrum Discover| 2.0.4.1 \nIBM Spectrum Discover| 2.0.4.2 \nIBM Spectrum Discover| 2.0.4.3 \nIBM Spectrum Discover| 2.0.4.4 \n \n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading.\n\nInstalled versions of IBM Spectrum Discover (2.0.4, 2.0.4.1, 2.0.4.2, 2.0.4.3, 2.0.4.4) can be upgraded to fixed version using [IBM Spectrum Discover 2.0.4.5 upgrader](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Discover&release=2.0.4.5&platform=All&function=all> \"IBM Spectrum Discover 2.0.4.5 upgrader.\" ) and following the steps provided in our documentation ([IBM Spectrum Discover Documentation](<https://www.ibm.com/docs/en/spectrum-discover/2.0.4?topic=upgrading> \"IBM Spectrum Discover Documentation\" )).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-18T21:26:30", "type": "ibm", "title": "Security Bulletin: IBM Spectrum Discover is vulnerable to Docker CLI (CVE-2021-41092) and Apache Log4j (CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) weaknesses", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2021-41092", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-08-18T21:26:30", "id": "924107D9B02B18393D3A9C581C7A30F6BF2CE559C23EC57F1E3C3A0DD8F4C7FB", "href": "https://www.ibm.com/support/pages/node/6568675", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:05:20", "description": "## Summary\n\nCrypto Hardware Initialization and Maintenance (CHIM) as shipped with IBM Common Cryptographic Architecture (CCA) for MTM 4767 is affected by several vulnerabilities in Apache Log4j (CVE-2021-4104, CVE-2022-23303, CVE 2022-23305 and CVE 2022-23307). CHIM is using Apache Log4j for internal logging purposes of regular user activity. The fix includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nCCA for MTM 4767 for Linux x64 - Crypto Hardware Initialization and Maintenance (CHIM)| 5.0 - 5.7.11 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading:**\n\n**Product(s)**| **Version(s)**| **Instructions**** \n** \n---|---|--- \nCCA for MTM 4767 for Linux x64 - Crypto Hardware Initialization and Maintenance (CHIM)| 5.0 - 5.7.11| Download and install v5.7.12 (setup4767_5.7.12.bin) \n \nCHIM is bundled with CCA for MTM 4767 for Linux x64 and is a graphical tool used for initializing and configuring CCA.\n\nThe fixed version can be obtained from the [CCA Software Download Page](<https://www.ibm.com/security/cryptocards/pciecc4/software> \"CCA Software Download Page\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-11T14:31:09", "type": "ibm", "title": "Security Bulletin: Crypto Hardware Initialization and Maintenance is vulnerable to arbitrary code execution due to Apache Log4j (CVE 2021-4104, CVE 2022-23302, CVE 2022-23305, CVE 2022-23307)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23303", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-11T14:31:09", "id": "9DF953BC7DECA4AEB37E6E5B0033CA33D3284BD52F59162C055604134EA029E5", "href": "https://www.ibm.com/support/pages/node/6585004", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:05:24", "description": "## Summary\n\nIBM C\u00faram Social Program Management (SPM) uses the Apache Log4j library for SPM logging infrastructure. There are publicly known vulnerabilities for Apache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) which could allow a remote attacker to execute arbitrary code on the system, or send specially-crafted SQL statements. This IBM owned log4j-ibm-1.2.17.2.jar file is based on materials taken from Apache Log4j 1.2.17.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nC\u00faram SPM| 7.0.11 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing these vulnerabilities now by upgrading.**\n\n**_Product_**| **_VRMF_**| **_Remediation_** \n---|---|--- \nC\u00faram SPM| \n\n7.0.11\n\n| \n\nVisit IBM Fix Central and upgrade to [7.0.11_iFix7](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.11.0_RP&platform=All&function=all> \"7.0.11_iFix7\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-09T11:57:13", "type": "ibm", "title": "Security Bulletin: C\u00faram Social Program Management is vulnerable to arbitrary code execution and SQL injection issues due to Apache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-09T11:57:13", "id": "CEBCA68E903EDA603D607844229DFCF4454411F02836A215BCE53BF108AD589B", "href": "https://www.ibm.com/support/pages/node/6584095", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:04:08", "description": "## Summary\n\nApache Log4j is used by IBM Cognos Controller as part of its logging infrastructure. This bulletin addresses the exposure to the Apache Log4j vulnerabilities (CVE-2022-23305, CVE-2022-23302, CVE-2021-4104). Although IBM Cognos Controller is not vulnerable to the listed CVEs, all instances of Apache Log4j v1.x were proactively upgraded to Apache Log4j v2.17.1 for the IBM Cognos Controller 10.4.2 and 10.4.1 streams.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Cognos Controller 10.4.2\n\nIBM Cognos Controller 10.4.1\n\nIBM Cognos Controller 10.4.0\n\n## Remediation/Fixes\n\nIf you have the listed affected version, it is strongly recommended that you apply the most recent security update:\n\n**Affected Version**| **Fix Version** \n---|--- \nIBM Cognos Controller 10.4.2| [IBM Cognos Controller 10.4.2 FP1](<https://www.ibm.com/support/pages/node/6556176> \"IBM Cognos Controller 10.4.2 FP1\" ) \nIBM Cognos Controller 10.4.1| [IBM Cognos Controller 10.4.1 IF14](<https://www.ibm.com/support/pages/node/6572655> \"IBM Cognos Controller 10.4.1 IF14\" ) \nIBM Cognos Controller 10.4.0| [IBM Cognos Controller 10.4.2 FP1](<https://www.ibm.com/support/pages/node/6556176> \"IBM Cognos Controller 10.4.2 FP1\" ) \n \n** \nIBM Cognos Controller Cloud**\n\nRemediation for IBM Cognos Controller 10.4.2 Cloud environments has completed and no further action is required.\n\nRemediation for IBM Cognos Controller 10.4.1 Cloud environments will be completed during the next scheduled maintenance weekend. \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-03T17:41:47", "type": "ibm", "title": "Security Bulletin: IBM Cognos Controller is affected but not vulnerable to arbitrary code execution and SQL injection due to Apache Log4j v1 vulnerabilities (CVE-2022-23305, CVE-2022-23302, CVE-2021-4104)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305"], "modified": "2022-06-03T17:41:47", "id": "8379030AC78250788BA6A1EC3EE817EC994974E9473C0EECB5D7ACD3FDDA8ED6", "href": "https://www.ibm.com/support/pages/node/6591309", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:14:33", "description": "## Summary\n\nIBM Security Guardium Insights has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium Insights| 2.0.1 \n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium Insights| 2.0.1| [https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&amp;mhq=pasport%20advantage](<https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T12:30:35", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488"], "modified": "2021-10-06T12:30:35", "id": "D64BC5FE778E62F52FAF1A558C46AB9C63D2D06A74FDE22CC1A16BB67C6A0E8C", "href": "https://www.ibm.com/support/pages/node/6324741", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T05:52:53", "description": "## Summary\n\nlog4j is vulnerable to improper validation of certificate and deserialization of untrusted data. These vulnerabilities are in Apache Zookeeper, Apache Solr and Log Analysis.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLog Analysis| 1.3.x \n \n## Remediation/Fixes\n\nVersion| Fix details \n---|--- \nIBM Operations Analytics - Log Analysis version 1.3.x| Upgrade to Log Analysis version 1.3.7 Fix Pack 2 \nDownload the [1.3.7-TIV-IOALA-FP2](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&release=1.3.7&platform=All&function=fixId&fixids=1.3.7-TIV-IOALA-FP2_signed&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"1.3.7-TIV-IOALA-FP2\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-17T07:52:33", "type": "ibm", "title": "Security Bulletin: Vulnerabilities from log4j affect IBM Operations Analytics - Log Analysis (CVE-2019-17571, CVE-2020-9488)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488"], "modified": "2022-11-17T07:52:33", "id": "2E3576FC9DB523E4FB2CBA935633AE28BB3DCBE18A90FB77A0F3E1112A899144", "href": "https://www.ibm.com/support/pages/node/6606255", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-19T14:34:41", "description": "## Summary\n\nVulnerabilities in Apache Commons and Log4j, such as execution of arbitrary code on the system, man-in-the-middle attack, and information disclosure, could affect the IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments. UPDATED 1/29/2021: Added 7.1 fix for IBM Spectrum Protect for Virtual Environments: Data Protection for VMware UPDATED 5/8/2021: Updated Remediation/Fixes section to correct Platforms for Spectrum Protect Client 8.1 - AIX, Linux, and Windows only.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** Third Party Entry: **177835 \n** DESCRIPTION: **Apache Commons Codec information disclosure \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177835>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** Third Party Entry: **177835 \n** DESCRIPTION: **Apache Commons Codec information disclosure \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177835>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** Third Party Entry: **177835 \n** DESCRIPTION: **Apache Commons Codec information disclosure \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177835>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Client| 8.1.0.0-8.1.10.0 \nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware| 8.1.0.0-8.1.10.0 \n7.1.0.0-7.1.8.9 \n \nIBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V| 8.1.0.0-8.1.10.0 \n \n## Remediation/Fixes\n\n \n\n\n**_IBM Spectrum Protect \nClient Release_**| **_First Fixing \nVRM Level_**| **_Platform_**| **_Link to Fix_** \n---|---|---|--- \n8.1| 8.1.11| AIX \nLinux \nWindows| <https://www.ibm.com/support/pages/node/6367205> \n \n \n\n\n**_IBM Spectrum Protect for Virtual Environments: Data Protection for VMware Release_**| **_First Fixing \nVRM Level_**| **_Platform_**| **_Link to Fix_** \n---|---|---|--- \n8.1| 8.1.11| Linux \nWindows| <https://www.ibm.com/support/pages/node/6152475> \n7.1 \n| 7.1.8.10 \n| Linux \nWindows \n| <https://www.ibm.com/support/pages/node/316625> \n \n \n\n\n**_IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V Release_**| **_First Fixing \nVRM Level_**| **_Platform_**| **_Link to Fix_** \n---|---|---|--- \n8.1| 8.1.11| Linux| <https://www.ibm.com/support/pages/node/6152475> \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-09T07:01:29", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Apache Commons and Log4j affect IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488"], "modified": "2021-05-09T07:01:29", "id": "9E6FA1F3A9A1191971251B93D23C36DEAAB0788ADEF80DBC0987592BC5E6D5C3", "href": "https://www.ibm.com/support/pages/node/6371652", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:04:13", "description": "## Summary\n\nApache Log4j is used by IBM Telco Network Cloud Manager - Performance for logging and is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832,CVE-2022-23302 and CVE-2022-23305). The fix includes Apache Log4j v2.17.1. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Telco Network Cloud Manager - Performance (TNCP)| TNC-P 1.4 \nIBM Telco Network Cloud Manager - Performance (TNCP)| TNC-P 1.4.1 \nIBM Telco Network Cloud Manager - Performance (TNCP)| TNC-P 1.3 \nIBM Telco Network Cloud Manager - Performance (TNCP)| TNC-P 1.2 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now. This Security Bulletin is applicable to all IBM Telco Network Cloud Manager - Performance released versions.**\n\nFor IBM Telco Network Cloud Manager - Performance 1.4.1:\n\nPlease download fix from [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Telco+Network+Cloud+Manager+-+Performance&amp;fixids=1.4.1.TIV-TNCP-IF002&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Telco+Network+Cloud+Manager+-+Performance&fixids=1.4.1.TIV-TNCP-IF002&source=SAR>)\n\nFor more information about applying the fix, go to IBM Documentation : <https://www.ibm.com/docs/en/tncm-p/1.4.1?topic=configuring-installing>\n\nFor IBM Telco Network Cloud Manager - Performance 1.4 , 1.3 and 1.2: \n\nIf you have one of the listed affected versions, it is strongly recommended that you apply the most recent security update to UI service:\n\nApply the following updated UI service image by navigating into tncp product namespace -&gt; statefulset -&gt; ui\n\n * **If the product is deployed on Openshift env then use following image =&gt; **cp.icr.io/cp/tncp/basecamp-ui:2.4.1.0-166-d77181da@sha256:910ecb867298b343184bcc129c847695c4db3e8196241d52af2ba6c034d012e0\n * **If the product is deployed on Kubernetes environment then use following image :** docker.io/persistentsystems/basecamp-ui:2.4.1.0-166-d77181da@sha256:910ecb867298b343184bcc129c847695c4db3e8196241d52af2ba6c034d012e0\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-02T03:33:47", "type": "ibm", "title": "Security Bulletin: IBM Telco Network Cloud Manager - Performance is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832,CVE-2022-23302 and CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832", "CVE-2022-23302", "CVE-2022-23305"], "modified": "2022-06-02T03:33:47", "id": "5BB3B8EF53C6357C441C8592F64A284C30E9C1D6F5379087C40684A770A870AA", "href": "https://www.ibm.com/support/pages/node/6591351", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T05:53:59", "description": "## Summary\n\nIBM QRadar SIEM is affected by arbitrary code execution due to Apache Log4j CVE-2019-17571, CVE-2021-44832, CVE-2021-4104. Apache Log4j is used by IBM QRadar SIEM as part of its logging infrastructure. The fix includes Apache Log4j 2.17.2\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM QRadar SIEM| \n\n7.5.0 - 7.5.0 Update Package 3 \n \nIBM QRadar SIEM| \n\n7.4.0 - 7.4.3 Fix Pack 6 \n \nAffected Product(s)| Version(s) \n---|--- \nIBM QRadar SIEM| \n\nAll SNMP Protocol versions before 7.5.0-QRADAR-PROTOCOL-SNMP-7.5-20220928225435 \n \nIBM QRadar SIEM| \n\nAll SNMP Protocol versions before 7.4.0-QRADAR-PROTOCOL-SNMP-7.4-20220928225439 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly.\n\nVersion(s)| Fix \n---|--- \n7.5| \n\n[7.5.0 Update Package 3 Interim Fix 02](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.5.0&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20220930210008INT&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.5.0 Update Package 3 Interim Fix 02\" ) \n \n7.4| \n\n[7.4.3 Fix Pack 7](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.4.0&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20220927164102&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.4.3 Fix Pack 7\" ) \n \nNOTE: You must update to 7.5.0 Update Package 3 before updating to 7.5.0 Update Package 3 Interim Fix 02\n\nVersion(s)| Fix \n---|--- \n7.5| \n\n[7.5.0-QRADAR-PROTOCOL-SNMP-7.5-20220928225435](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.5.0&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-PROTOCOL-SNMP-7.5-20220928225435.noarch.rpm&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=dbluesearch&mhsrc=ibmsearch_a&mhq=SNMP> \"7.5.0-QRADAR-PROTOCOL-SNMP-7.5-20220928225435\" ) \n \n7.4| \n\n[7.4.0-QRADAR-PROTOCOL-SNMP-7.4-20220928225439](<https://www.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=7.4.0-QRADAR-PROTOCOL-SNMP-7.4-20220928225439.noarch.rpm&continue=1&source=dbluesearch&mhsrc=ibmsearch_a&mhq=SNMP> \"7.4.0-QRADAR-PROTOCOL-SNMP-7.4-20220928225439\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-01T14:32:05", "type": "ibm", "title": "Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is affected by arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2021-4104", "CVE-2021-44832"], "modified": "2022-11-01T14:32:05", "id": "F2C60EF9E96AA9B7F20810A32ABE6C58279506718A61C2BD9D6A6DF787CD9EA7", "href": "https://www.ibm.com/support/pages/node/6832160", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:13:21", "description": "## Summary\n\nIBM C\u00faram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCuram SPM| 8.0.0 \nCuram SPM| 7.0.11 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nC\u00faram SPM| \n\n8.0.1\n\n| Visit IBM Fix Central and upgrade to [8.0.1](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=8.0.1.0&platform=All&function=all> \"8.0.1\" ) or a subsequent 8.0.1 release. \nC\u00faram SPM| \n\n7.0.11\n\n| Visit IBM Fix Central and upgrade to [7.0.11_iFix6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.11.0_RP&platform=All&function=all> \"7.0.11_iFix6\" ) or a subsequent 7.0.11 release. \n \n## Workarounds and Mitigations\n\nFor information about all other versions, contact IBM C\u00faram Social Program Management customer support.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-29T13:23:28", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may affect C\u00faram Social Program Management (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2021-11-29T13:23:28", "id": "55B26E0461C3762CE34B9A024103EA4D7F7AB0CCFFF0990F7B7E24F913809384", "href": "https://www.ibm.com/support/pages/node/6519984", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:12:11", "description": "## Summary\n\nThere is a vulnerability in Apache-Log4j that impacts IBM Tivoli Application Dependency Discovery Manager (TADDM).\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n**DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Tivoli Application Dependency Discovery Manager | 7.3.0.0 - 7.3.0.7 \n \n## Remediation/Fixes\n\n## Remediation/Fixes\n\nFix | VRMF | APAR | How to acquire fix \n---|---|---|--- \nefix_CustomLog4j_FP7200218.zip | \n\n7.3.0.7 \n\n| None | \n\n[Download eFix](<https://www.secure.ecurep.ibm.com/download/?id=6JJhhwQQG9igM6zpDcxZbAWtx14IUxsATzfBRJavYdc> \"Download eFix\" ) \n \n**Note**: \n\n * The above eFix is created to be installed on the 7.3.0.7 FixPack only, without any previously applied eFixes.\n * In case there are existing fixes on 7.3.0.7 (ls -rlt etc/efix*) or if an eFix is required for any other TADDM version, please contact IBM Support and open a case for a custom version of this eFix - include the current eFix level (ls -rlt etc/efix*), TADDM version and a link to this bulletin.\n\n## Workarounds and Mitigations\n\nThe property \"**com.collation.performance.measure**\" can be configured as false or can be removed from the collation.properties file in order to avoid impact of this vulnerability.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-18T08:39:03", "type": "ibm", "title": "Security Bulletin: Apache-Log4j (Publicly disclosed vulnerability)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2021-12-18T08:39:03", "id": "D4552FDC70931CD8B4AD1900AAFD91F4395F28D6E61914A873226147AFDAF729", "href": "https://www.ibm.com/support/pages/node/6258207", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:08:45", "description": "## Summary\n\nApache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. This vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Control (formerly Tivoli Storage Productivity Center)| 5.3.0 - 5.3.5 \n \n## Remediation/Fixes\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable.\n\nStarting with 5.2.8, Tivoli Storage Productivity Center has been renamed to IBM Spectrum Control.\n\n** Release**| **First Fixing** \n**VRM Level**| ** Link to Fix** \n---|---|--- \n5.3| 5.3.6| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n**Note:** It is always recommended to have a current backup before applying any update procedure.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-22T20:10:14", "type": "ibm", "title": "Security Bulletin: Apache Log4j vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2022-02-22T20:10:14", "id": "D677F4DB1390FE714B817B24CE7D654078B51BA146F6C4537E43D85D3A2B0CC2", "href": "https://www.ibm.com/support/pages/node/1488939", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:57:31", "description": "## Summary\n\nApache Log4j is vulnerable to a man-in-the-middle attack\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Control Center| 6.2.0.0 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**iFix**\n\n| \n\n**Remediation** \n \n---|---|---|--- \n \nIBM Control Center\n\n| \n\n6.2.0.0\n\n| \n\niFix09\n\n| \n\n[Fix Central - 6.2.0.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-07-30T05:03:13", "type": "ibm", "title": "Security Bulletin: Apache Log4j Vulnerability Affects IBM Control Center (CVE-2020-9488)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9488"], "modified": "2021-07-30T05:03:13", "id": "3FE63A3F5C5015BF12CBC5431C7DB0BF49847105404A82C433D9F62224F6903F", "href": "https://www.ibm.com/support/pages/node/6469893", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T06:09:34", "description": "## Summary\n\nThere is a vulnerability in the Apache Log4j open source library (CVE-2019-17571) used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. The remediation fix includes Apache Log4j v2.17.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM OpenPages with Watson versions 8.1 through 8.2.0.3 \n\n \n\n\n## Remediation/Fixes\n\nDownload and install the fix as soon as possible. Fixes and installation instructions are provided at the URLs listed below: \n \n\n\n**Product**| **Remediation** \n---|--- \n \nFor IBM OpenPages with Watson **8.1 **or** 8.1.0.1 **\n\n\\- Upgrade to 8.1.0.2 Fix Pack\n\n\\- Apply 8.1.0.2 Interim Fix 2 (**8.1.0.2.2**) or later\n\n| \n\nIBM strongly recommends upgrading to IBM OpenPages with Watson** 8.2.0.4**\n\n**\\- Apply 8.2.0.4 Interim Fix 2 (8.2.0.4.2) or later** \n \nFor IBM OpenPages with Watson** 8.1.0.2 **\n\n\\- Apply 8.1.0.2 Interim Fix 2 (**8.1.0.2.2**) or later\n\n| \n\nIBM strongly recommends upgrading to IBM OpenPages with Watson** 8.2.0.4**\n\n**\\- Apply 8.2.0.4 Interim Fix 2 (8.2.0.4.2) or later** \n \nFor IBM OpenPages with Watson** 8.2**, **8.2.0.1, 8.2.0.2 **or** 8.2.0.3**\n\n\\- Upgrade to 8.2.0.4 Fix Pack\n\n\\- Apply 8.2.0.4 Interim Fix 2 (**8.2.0.4.2**) or later\n\n| \n\n<https://www.ibm.com/support/pages/openpages-watson-82-fix-pack-4>\n\n<https://www.ibm.com/support/pages/openpages-watson-8204-interim-fix-2> \n \n## Workarounds and Mitigations\n\nIf you are unable to upgrade to the latest version of IBM OpenPages for Watson, IBM recommends applying the below mitigation now. \n\n**Product**| **Mitigation** \n---|--- \n \nFor IBM OpenPages with Watson **8.1 **or** 8.1.0.1 **\n\n\\- Upgrade to 8.1.0.2 Fix Pack\n\n\\- Apply 8.1.0.2 Interim Fix 2 (**8.1.0.2.2**) or later\n\n| \n\n<https://www.ibm.com/support/pages/openpages-watson-81-fix-pack-2>\n\n<https://www.ibm.com/support/pages/openpages-watson-8102-interim-fix-2> \n \nFor IBM OpenPages with Watson** 8.1.0.2 **\n\n\\- Apply 8.1.0.2 Interim Fix 2 (**8.1.0.2.2**) or later\n\n| \n\n<https://www.ibm.com/support/pages/openpages-watson-8102-interim-fix-2> \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T22:56:04", "type": "ibm", "title": "Security Bulletin: IBM OpenPages with Watson is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2022-02-08T22:56:04", "id": "0E8555641D8CDA8EC9035ED3EB5F648F408D4DF211176B6798C8D8C65318F3F5", "href": "https://www.ibm.com/support/pages/node/6554706", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:52:26", "description": "## Summary\n\nApache Log4j vulnerability found in Network Performance Insight (CVE-2019-17571). \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Network Performance Insight| 1.3 \nIBM Network Performance Insight| 1.3.1 \n \n\n\n## Remediation/Fixes\n\nFix of this vulnerability can be found here. \n\n1) NPI 1.3.1 \nInterim Fix Name: 1.3.1.0-TIV-NPI-IF0003 \nDirect Interim Fix URL: [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.1.0-TIV-NPI-IF0003](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.1.0-TIV-NPI-IF0003>)\n\n2) NPI 1.3.0 \nInterim Fix Name: 1.3.0.0-TIV-NPI-IF0007 \nDirect Interim Fix URL: [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.0.0-TIV-NPI-IF0007&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.0.0-TIV-NPI-IF0007&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-04T17:29:45", "type": "ibm", "title": "Security Bulletin: Apache Log4j valunarability found in Network Performance Insight (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2020-08-04T17:29:45", "id": "3155E4C578E235596C383461692E605196F27EF7EBE1510C68AECA994099E83C", "href": "https://www.ibm.com/support/pages/node/6256102", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-25T01:40:23", "description": "## Summary\n\nA socket server related vulnerability has been disclosed in Apache Log4j used by IBM LKS Administration and Reporting Tool (ART) and Agent. A remediation has been put in place. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nART| 8.1.5.6 \nART| 8.1.5.1 \nART| 8.1.5.2 \nART| 8.1.5.3 \nART| 8.1.6 \nART| 8.1.5.4 \nART| 8.1.6.1 \nART| 8.1.5.5 \nART| 8.1.5 \n \n\n\n## Remediation/Fixes\n\nUpgrade to the version 8.1.6.2 for both IBM License Key Server Administration and Reporting Tool (ART) and Agent. Refer to the [Release Notes 8.1.6.3](<https://www.ibm.com/support/pages/node/1108011> \"Release Notes 8.1.6.3\" ) for download and upgrade instructions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-17T16:05:53", "type": "ibm", "title": "Security Bulletin: A Vulnerability in Apache Log4j affects IBM LKS ART & Agent", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2020-03-17T16:05:53", "id": "210BE5BCF995033D93AD152A3413E946C87FA9E242CD051D6228488AC0FD790C", "href": "https://www.ibm.com/support/pages/node/6027784", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:44:52", "description": "## Summary\n\nApp Connect for Manufacturing 2.0 is affected by vulnerabilities of the log4j 1.2.17 - Log4j Deserialization Remote Code Execution. which were reported and have been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect for Manufacturing| 2.0.0.5 \n \n\n\n## Remediation/Fixes\n\nProduct| VRMF| Remediation/Fixes \n---|---|--- \nApp Connect for Manufacturing| 2.0.0.5| \n\n \n\n\n[Linux](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+App+Connect+for+Manufacturing&fixids=2.0.0-ACMFG-LINUXX64-FP0005&source=SAR&function=fixId&parent=ibm/WebSphere> \"Linux\" )\n\n \n\n\n[Windows](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+App+Connect+for+Manufacturing&fixids=2.0.0-ACMFG-WINX64-FP0005&source=SAR&function=fixId&parent=ibm/WebSphere> \"Windows\" )\n\n \n\n\n \n\n\n \n \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-24T10:01:58", "type": "ibm", "title": "Security Bulletin: App Connect for Manufacturing 2.0 is affected by vulnerabilities of log4j 1.2.17 - Log4j Deserialization Remote Code Execution (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2021-03-24T10:01:58", "id": "6633AEA14C5B5430B41209886E7739DD57F4002A86E88200DD915838C1355A84", "href": "https://www.ibm.com/support/pages/node/6435567", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T17:47:04", "description": "## Summary\n\nIBM Tivoli Netcool Impact has addressed the following Apache Log4j vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact 7.1.0| 7.1.0.0~7.1.0.17 \n \n\n\n## Remediation/Fixes\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Tivoli Netcool Impact 7.1.0| _7.1.0.18_| _IJ21951_| [IBM Tivoli Netcool Impact 7.1.0 FP18](<https://www.ibm.com/support/pages/node/1288570> \"IBM Tivoli Netcool Impact 7.1.0 FP18\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-24T14:22:39", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache Log4j vulnerability (CVE-2019-17571)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2020-03-24T14:22:39", "id": "087CD3B8800A1EB017C933808D8D5E610496ED972CA8243894CB2435705F3CAF", "href": "https://www.ibm.com/support/pages/node/6116632", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-24T05:46:26", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data ships with versions of Apache Log4j vulnerable to serialization gadgets.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.1.1 \n\n<https://www.ibm.com/support/knowledgecenter/SSQNUZ_2.5.0/cpd/svc/watson/discovery-install.html>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-31T19:51:00", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2020-01-31T19:51:00", "id": "CBDB352135F35E50D1EDF94C431A5A57B2DE17935CB3F0D6B7B9FF3C9FE7A3B7", "href": "https://www.ibm.com/support/pages/node/1288018", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T22:07:32", "description": "## Summary\n\nIBM Enterprise Records may be affected by vulnerability found in Apache Log4j V1.x \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Enterprise Records| 5.2.1 \n \n \n\n\n## Remediation/Fixes\n\n**Product** | **VRM**| **Remediation** \n---|---|--- \nIBM Enterprise Records| 5.2.1| \n\nUse IBM Enterprise Records [5.2.1.6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Enterprise%20Content%20Management&product=ibm/Information+Management/IBM+Enterprise+Records&release=5.2.1.6&platform=All&function=all> \"5.2.1.6\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-26T03:39:57", "type": "ibm", "title": "Security Bulletin: Vulnerability found in Apache Log4j V1.x may affect IBM Enterprise Records", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2021-06-26T03:39:57", "id": "E7FB5735ADA60C1184A568F1F506520CF55F0E3A61B381ABCF4FF3C5090C8998", "href": "https://www.ibm.com/support/pages/node/6466611", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:55:09", "description": "## Summary\n\nIBM C\u00faram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCuram SPM| 8.0.0 \nCuram SPM| 7.0.11 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nC\u00faram SPM| \n\n8.0.1\n\n| Visit IBM Fix Central and upgrade to [8.0.1](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=8.0.1.0&platform=All&function=all> \"8.0.1\" ) or a subsequent 8.0.1 release. \nC\u00faram SPM| \n\n7.0.11\n\n| Visit IBM Fix Central and upgrade to [7.0.11_iFix6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.11.0_RP&platform=All&function=all> \"7.0.11_iFix6\" ) or a subsequent 7.0.11 release. \n \n## Workarounds and Mitigations\n\nFor information about all other versions, contact IBM C\u00faram Social Program Management customer support.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-11-25T17:45:52", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may affect C\u00faram Social Program Management (CVE-2020-9488)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9488"], "modified": "2021-11-25T17:45:52", "id": "28E0CB5C99EA2D9D29E76348BDEA32969117AF8D0FAE1B64E67CFEE258A643A3", "href": "https://www.ibm.com/support/pages/node/6519488", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:47:33", "description": "## Summary\n\nA vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM MaaS360 Cloud Extender| 2.101.x and prior \n \n\n\n## Remediation/Fixes\n\nUpdate the IBM MaaS360 Cloud Extender to version 2.102.000.060 or greater.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-01-13T14:58:39", "type": "ibm", "title": "Security Bulletin: A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (CVE-2020-9488)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9488"], "modified": "2021-01-13T14:58:39", "id": "44AB81145F56D1DFCE25BD0377256BF4F249F090106634935902C6B2AB63091D", "href": "https://www.ibm.com/support/pages/node/6403812", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:48:29", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Log4j.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.4 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.2.0 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install> \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-12-09T04:40:10", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9488"], "modified": "2020-12-09T04:40:10", "id": "F86E22B7D4364B00DDE20B4FC7BF8FBECA6DFB9BBB025F902E24119D4762DB2F", "href": "https://www.ibm.com/support/pages/node/6364963", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T06:07:47", "description": "## Summary\n\nApache Log4j is used by IBM WebSphere eXtreme Scale as part of remote logging functionality (CVE-2022-23307). The fix includes Apache Log4j v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM WebSphere Extreme Scale| 8.6.1.0 - 8.6.1.5 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\nProduct| Version(s)| \n\nAPAR\n\n| \n\nRemediation/First Fix \n \n---|---|---|--- \nIBM WebSphere eXtreme Scale| 8.6.1.0 - 8.6.1.5| PH44065| \n\nFor older versions, upgrade to latest fixpacks 8.6.1.4 or 8.6.1.5 and then apply the PH44065 iFix. If you are using 8.6.1.4 or 8.6.1.5 directly apply the PH44065 iFix.\n\n[Recommended Fixes page for WebSphere eXtreme Scale](<http://www.ibm.com/support/docview.wss?uid=swg27018991>) \n \n## Workarounds and Mitigations\n\n**IBM recommends addressing the vulnerability by executing the Remediation as detailed above.**\n\nIf executing the **Remediation** is not possible, please review this information and take action to implement the Workaround.\n\n * Remote logging is disabled by default.\n * If remote logging has been enabled, disable it by referring to these pages for [eXtremeScale](<https://www.ibm.com/docs/en/wxs/8.6.1?topic=logging-configuring-remote> \"eXtremeScale\" ) and [XSLD](<https://www.ibm.com/docs/en/wxs/8.6.1?topic=troubleshooting-enabling-remote-logging-in-xsld> \"XSLD\" )\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-22T10:34:13", "type": "ibm", "title": "Security Bulletin: IBM WebSphere eXtreme Scale is vulnerable to arbitrary code execution due to Apache Log4j v1.x (CVE-2022-23307)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23307"], "modified": "2022-03-22T10:34:13", "id": "6A69ACF0EE1811481AE8E3F5E1758736876A6CCE84E1581A12FFCCD1B7CD4F30", "href": "https://www.ibm.com/support/pages/node/6565333", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:01:59", "description": "## Summary\n\nApache Log4j is used by IBM Cloud Pak for Multicloud Management Monitoring as part of its logging infrastructure. Apache Log4j v1.2 has been removed and replaced by Log4j v2.17.1. Components that use Apache Log4j v1.2 are not exposed outside the cluster and are not configured to use the vulnerable Log4j v1 classes. Furthermore, it will take extraordinary measures by a malicious insider to attempt to reconfigure the components to be vulnerable. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Monitoring| 2.0 - 2.3 Fix Pack 4 \n \n\n\n## Remediation/Fixes\n\nTo address the vulnerability, IBM strongly recommends you to upgrade IBM Cloud Pak for Multicloud Management to 2.3 Fix Pack 5. For upgrading instructions, see <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=installation-upgrade.>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-21T12:29:22", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is potentially vulnerable to execution of arbitrary code due to its use of Apache Log4j (CVE-2022-23302)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-07-21T12:29:22", "id": "119CECCEFDE70646119DD7521398162DB4527F17D79DC46F5852AD60ADE965F6", "href": "https://www.ibm.com/support/pages/node/6606293", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:07:50", "description": "## Summary\n\nApache Log4j used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE (CVE-2022-23302)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCPDS| 1.0.0.0- 1.0.7.7 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by applying below security patch.**\n\nProduct| VRMF| Remediation / First Fix \n---|---|--- \nIBM Cloud Pak for Data System 1.0| 7.9.22.02.SP10| [Link to fix central](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Cloud+Private+for+Data+System&fixids=7.9.22.02.SP10-WS-ICPDS-fp152&source=SAR>) \n \nPlease follow the steps given in **[release notes](<https://www.ibm.com/docs/en/cloud-paks/cloudpak-data-system/1.0?topic=new-security-patch-release-notes> \"release notes\" )** to upgrade system with security patches \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-21T08:27:16", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j affects IBM Cloud Pak for Data System 1.0", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-03-21T08:27:16", "id": "A74B006308C9A5B8978B427A12282CE7740E5A2E6AE2BE9AA3FC87E2CC5147EF", "href": "https://www.ibm.com/support/pages/node/6565009", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:09:22", "description": "## Summary\n\nA vulnerability in Apache Log4j (CVE-2022-23307) impacts the logging infrastructure in the ATNAAudit node and the XDSConsumer pattern in IBM App Connect for Healthcare. The fix includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM App Connect for Healthcare 5.0.0.0 - 5.0.0.1 \nIBM App Connect for Healthcare 6.0.1.0\n\n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by applying the patches listed in this table. **\n\nProduct| VRMF| APAR| Remediation/Fixes \n---|---|---|--- \nIBM App Connect for Healthcare| 5.0.0.0 -5.0.0.1| IT39653| \n\nInterim fix for APAR (IT39653 ) is available from\n\n[5.0.0.1 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+for+Healthcare&release=5.0.0.1&platform=All&function=aparId&apars=IT39653> \"5.0.0.1 IBM Fix Central\" ) \n \nIBM App Connect for Healthcare| 6.0.1.0| IT39653| \n\nInterim fix for APAR (IT39653 ) is available from\n\n[6.0.1.0 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+for+Healthcare&release=6.0.1.0&platform=All&function=aparId&apars=IT39653> \"\" ) \n \n## Workarounds and Mitigations\n\nAs detailed above in the **Remediation / Fixes Section.**\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-16T12:04:32", "type": "ibm", "title": "Security Bulletin: IBM App Connect for Healthcare is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2022-23307)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23307"], "modified": "2022-02-16T12:04:32", "id": "D908DDC72AA29C650430DBB0140A05335CA1A6D3BD0D4034C54B4E2D80DB9EB9", "href": "https://www.ibm.com/support/pages/node/6557000", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:07:13", "description": "## Summary\n\nApache Log4j vulnerability\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Order Management| 10.0 \nIBM Sterling Order Management| 9.5.x \n \n\n\n## Remediation/Fixes\n\nOrder Management on premise release notes -[ https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version](<https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version#fp30>)\n\nFix Central Link (**FP details URL)**: \n[https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&amp;product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&amp;source=dbluesearch&amp;mhsrc=ibmsearch_a&amp;mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&amp;function=fixId&amp;parent=ibm/Other%20software](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&source=dbluesearch&mhsrc=ibmsearch_a&mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&function=fixId&parent=ibm/Other%20software>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-06T19:27:19", "type": "ibm", "title": "Security Bulletin: Apache Log4j vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23305"], "modified": "2022-04-06T19:27:19", "id": "B2BF691AA266FF88FFAD2044089D57580EE40D4E84146B077C5D55063FF15586", "href": "https://www.ibm.com/support/pages/node/6569997", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:00:17", "description": "## Summary\n\nIBM Sterling Transformation Extender is impacted by Log4j2 security vulnerability, CVE-2021-44228, where an attacker can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44228](<https://vulners.com/cve/CVE-2021-44228>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features. By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system. Note: The vulnerability is also called Log4Shell or LogJam. \nCVSS Base score: 10 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/214921](<https://exchange.xforce.ibmcloud.com/vulnerabilities/214921>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Transformation Extender | 10.0.3.0 \nIBM Sterling Transformation Extender| 10.1.0.0, 10.1.0.1 \nIBM Sterling Transformation Extender| 10.1.1.0 \n \n**NOT Applicable Releases:**\n\nThis security vulnerability is NOT applicable for the following releases of the product and all associated Industry and Enterprise Packs:\n\n * WebSphere Transformation Extender 8.4.1.x (where x = { 0 | 1 | 2 | 3 | 4 | 5 })\n * IBM Transformation Extender 9.0.0.x (where x = { 0 | 1 | 2 | 3 | 4 | 5 })\n * IBM Transformation Extender 10.0.0.0\n\nAlso, not applicable to the following certified container releases:\n\n * IBM Sterling Transformation Extender Certified Containers 10.0.0\n * IBM Sterling Transformation Extender Certified Containers 10.0.1.x (where x = { 0 | 1 | 2 })\n * IBM Sterling Transformation Extender Runtime Server 10.0.3\n\n**NOTE:** Applicable to environments where Design Server and Runtime REST API server are used to design and run maps and flows in the environment. All other design and runtime environments are not affected. In other words, Design Studio, Command Server, Launcher, RMI Server and API environments are not affected by this security vulnerability.\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| Link to Fix \n---|---|--- \nIBM Sterling Transformation Extender| 10.0.3.0| [Link](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FWebSphere+Transformation+Extender&fixids=10.0.3.0-ITX-log4j-ALL&source=SAR&function=fixId&parent=ibm/Other%20software> \"Link\" ) \nIBM Sterling Transformation Extender| 10.1.0.0, 10.1.0.1| [Link](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/WebSphere/WebSphere+Transformation+Extender&release=10.1.0.1&platform=All&function=fixId&fixids=10.1.0.x-ITX-log4j-ALL&includeSupersedes=0&source=fc> \"Link\" ) \nIBM Sterling Transformation Extender| 10.1.1.0| [Link](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/WebSphere/WebSphere+Transformation+Extender&release=All&platform=All&function=fixId&fixids=10.1.1.0-ITX-log4j-ALL&includeSupersedes=0&source=fc> \"Link\" ) \n \n**Applicable Platforms:**\n\n * Microsoft Windows\n * IBM AIX\n * Linux (Intel)\n * Linux on System z (zLinux) \n\n## Workarounds and Mitigations\n\nStrongly recommend IBM Transformation Extender administrators apply remediation. Procedure to remediate the vulnerability based on the platforms and applicable versions differ, follow the remediation process provided here as appropriate to your environment.\n\nIBM Sterling Transformation Extender is impacted by Log4j 2.x version security vulnerability, CVE-2021-44228. The other two security vulnerabilities, CVE-2021-45046 and CVE-2021-45105, are not applicable but as a measure of caution, upgraded Log4j to 2.17.0 version. \n\nFor detailed information on the security vulnerabilities, CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105, refer the following links:\n\n<https://vulners.com/cve/CVE-2021-44228> \n<https://vulners.com/cve/CVE-2021-45046> \n<https://vulners.com/cve/CVE-2021-45105>\n\nIBM Sterling Transformation Extender is NOT impacted by Log4j 1.x version security vulnerabilities, CVE-2021-4104 and CVE-2019-17571. As a measure of caution, the vulnerable classes have been removed.\n\nFor detailed information on the security vulnerabilities, CVE-2021-4104 and CVE-2019-17571, refer the following links:\n\n<https://vulners.com/cve/CVE-2021-4104> \n<https://vulners.com/cve/CVE-2019-17571>\n\n**Remediation:** \n \nLog4j version has been upgraded to 2.17.0 for covering Log4j 2.x security vulnerabilities and vulnerable classes, JMSAppender and SocketServer, in the distributed Log4j 1.x version have been removed as a measure of caution for covering Log4j 1.x security vulnerabilities \nin the IBM Sterling Transformation Extender product.\n\nSteps to remediate the vulnerabilities: \n \n\n\n 1. Download the Interim Fix for the version(s) used in your environment from IBM Fix Central\n 2. Extract the Interim Fix zip file in your environment, which includes Readme.txt file with instructions to follow\n 3. Follow the instructions listed in the Readme.txt file \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-08-25T20:51:42", "type": "ibm", "title": "Security Bulletin: Apache Log4j Vulnerability Affects IBM Sterling Transformation Extender (CVE-2021-44228)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2021-4104", "CVE-2021-44228", "CVE-2021-45046", "CVE-2021-45105"], "modified": "2022-08-25T20:51:42", "id": "7A1D4AFC62D444E93951F6A46CA35876DD42680BFCB9DD562AE0F80A2C338D67", "href": "https://www.ibm.com/support/pages/node/6526646", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T05:54:35", "description": "## Summary\n\nIBM Operations Analytics Predictive Insights is affected by the Apache Log4j vulnerability in the JMSSink in all versions of Log4j 1. x allowing deserialization of untrusted data when the malicious attacker has write access to the Log4j configuration or if the configuration references an LDAP service. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.3 \nIBM Operations Analytics Predictive Insights| 1.3.5 \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApache Log4j 1.2 reached the end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. \n\nTo do that, please use the instructions and full details from the README that\u2019s in the IBM Operations Analytics Predictive Insights iFix6 tarball, and follow with the upgrade to IBM Operations Analytics Predictive Insights iFix6.\n\nIBM Operations Analytics Predictive Insights iFix6 tarball is available [here](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=All&platform=Linux+64-bit,x86_64&function=all> \"here\" ). \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-18T15:41:15", "type": "ibm", "title": "Security Bulletin: IBM Operations Analytics Predictive Insights impacted by Apache Log4j vulnerabilities (CVE-2022-23302)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-10-18T15:41:15", "id": "738000B8445D724BA90A3721AA90AF1E32A31E66429EC83FA370C038A4CDE8ED", "href": "https://www.ibm.com/support/pages/node/6830271", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:09:16", "description": "## Summary\n\nThere is a vulnerability in the Apache Log4j open source library used by IBM Sterling Connect:Direct Web Services. This affects IBM Sterling Connect:Direct Web Services. This vulnerability has been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nSterling Connect Direct Web Services| 1.0 \nIBM Connect:Direct Web Services| 6.0 \n \n\n\n## Remediation/Fixes\n\n**Product(s)**| **Version(s)**| **Remediation \n** \n---|---|--- \nSterling Connect Direct Web Services| 1.0| Apply 6.0.0.6, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \nIBM Connect:Direct Web Services| 6.0| Apply 6.0.0.6, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-18T05:40:36", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to remote code execution due to Apache Log4j (CVE-2022-23302)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-02-18T05:40:36", "id": "693E0AD85F6E19F2CA7356E03CABE34515DA0B593F3C3F3144F6F403F3141066", "href": "https://www.ibm.com/support/pages/node/6557384", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T05:58:27", "description": "## Summary\n\nApache Log4j vulnerability\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Order Management| 10.0 \nIBM Sterling Order Management| 9.5.x \n \n## Remediation/Fixes\n\nOrder Management on premise release notes -[ https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version](<https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version#fp30>)\n\nFix Central Link (**FP details URL)**: \n[https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&amp;product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&amp;source=dbluesearch&amp;mhsrc=ibmsearch_a&amp;mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&amp;function=fixId&amp;parent=ibm/Other%20software](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=10.0.0.0-Sterling-SSFF-All-fp30-Installer&product=ibm%2FOther%20software%2FSterling%20Selling%20and%20Fulfillment%20Foundation&source=dbluesearch&mhsrc=ibmsearch_a&mhq=10.0.0.0-Sterling-SSFF-All-fp30-Installer%20&function=fixId&parent=ibm/Other%20software>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T15:54:39", "type": "ibm", "title": "Security Bulletin: Apache Log4j vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-09-14T15:54:39", "id": "178747CFB8042E516CF1AB34F6D530ACE1CD919FFD0DA372792B07A5E23A36DD", "href": "https://www.ibm.com/support/pages/node/6570411", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-24T06:06:40", "description": "## Summary\n\nApache Log4j used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE(CVE-2022-23302).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Integrated Analytics System| 1.0.0-1.0.27.0 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by applying below security patch.**\n\nProduct| VRMF| Remediation / First Fix \n---|---|--- \nIBM Integrated Analytics System | 7.9.22.01.SP7| [Link to fix central](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Integrated+Analytics+System&fixids=7.9.22.01.SP7-IM-IIAS-fp163&source=SAR>) \n \nPlease follow the steps given in **[release notes](<https://www.ibm.com/docs/en/ias?topic=notes-security-patch-release> \"\" )** to upgrade system with security patches \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-21T09:59:10", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j affects IBM Integrated Analytics System.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302"], "modified": "2022-04-21T09:59:10", "id": "4D7D6CE6B9BA698BFB9B758C15E38ED5972AE720478AC2AAD2A202C6748BA969", "href": "https://www.ibm.com/support/pages/node/6573955", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T17:43:21", "description": "## Summary\n\nApache Log4j is used by IBM Cloud Pak for Data System 1.0 in Logging. This bulletin provides a remediation for the Apache Log4j vulnerability [CVE-2022-23307] in Log4j version 1.2.17-18.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nCPDS 1.0| 1.0.0.0- 1.0.7.7 \n \n\n\n## Remediation/Fixes\n\n**IBM has fixed the vulnerability in \"7.9.22.02.SP10\" security patch release. IBM strongly recommends addressing the vulnerability now by upgrading to \"7.9.22.02.SP10\" or the latest security patch provided below:** Product| VRMF| Remediation / Fix and Instructions \n---|---|--- \nIBM Cloud Pak for Data System 1.0| 7.9.23.02.SP20| [Link to fix central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=7.9.23.02.SP20-WS-ICPDS-fp224&product=ibm%2FWebSphere%2FIBM%20Cloud%20Private%20for%20Data%20System&source=dbluesearch&mhsrc=ibmsearch_a&mhq=SP20%20icpds&function=fixId&parent=ibm/WebSphere> \"Link to fix central\" ) \n \n * Please follow the steps given in [**release notes**](<https://www.ibm.com/docs/en/cloud-paks/cloudpak-data-system/1.0?topic=10x-security-patch-release-notes>) to upgrade the system with security patches\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-03T08:00:21", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Data System (CPDS) is vulnerable to arbitrary code execution due to Apache Log4j [CVE-2022-23307]", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23307"], "modified": "2023-04-03T08:00:21", "id": "AA4341CCBA4C26885B09D2F1E2A8320B8F40F9DD2D2B4201F7C7E24199579E80", "href": "https://www.ibm.com/support/pages/node/6970111", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:09:17", "description": "## Summary\n\nThere is a vulnerability in the Apache Log4j open source library used by IBM Sterling Connect:Direct Web Services. This affects IBM Sterling Connect:Direct Web Services. This vulnerability has been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nSterling Connect Direct Web Services| 1.0 \nIBM Connect:Direct Web Services| 6.0 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\n**Product(s)**| **Version(s)**| **Remediation \n** \n---|---|--- \nSterling Connect Direct Web Services| 1.0| Apply 6.0.0.6, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \nIBM Connect:Direct Web Services| 6.0| Apply 6.0.0.6, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-18T05:35:01", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to remote code execution due to Apache Log4j (CVE-2022-23307)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23307"], "modified": "2022-02-18T05:35:01", "id": "8E830A705E9625551CC04A65CE871921C56AF78FC9C95A3F3F0004441F342FED", "href": "https://www.ibm.com/support/pages/node/6557194", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-24T06:09:17", "description": "## Summary\n\nApache Log4j is used by IBM Sterling Connect:Direct Web Services as part of its logging infrastructure. JDBCAppender in Apache Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The fix includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling Connect:Direct Web Services| 1.0 \nIBM Sterling Connect:Direct Web Services| 6.0 \n \n## Remediation/Fixes\n\n**Product(s)**| **Version(s)**| **Remediation/Fix \n** \n---|---|--- \nIBM Sterling Connect:Direct Web Services| 1.0, 6.0| Apply 6.0.0.6, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-18T05:30:10", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to SQL injection due to Apache Log4j (CVE-2022-23305)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23305"], "modified": "2022-02-18T05:30:10", "id": "C69647146C8A4405C9EC9ED2FB39442FE3398CC6836DB5B0631585B94D9D4079", "href": "https://www.ibm.com/support/pages/node/6557200", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.\n\nThis Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP1 (Service Pack 1) serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch.\n\nNote: customers should update their EAP 6.4 installation with the corresponding security fixes that have been released for that (see RHSA-2022:0437 and https://access.redhat.com/site/solutions/625683)\n\nSecurity Fix(es):\n\n* log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-09T13:03:14", "type": "redhat", "title": "(RHSA-2022:0497) Important: Red Hat JBoss Data Virtualization 6.4.8.SP1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-09T13:03:27", "id": "RHSA-2022:0497", "href": "https://access.redhat.com/errata/RHSA-2022:0497", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "The ovirt-engine package provides the manager for virtualization environments.\nThis manager enables admins to define hosts and networks, as well as to add\nstorage, create VMs and manage user permissions.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\nBug Fix(es):\n\n* With this release, the ovirt-engine-extension-logger-log4j package has been removed. It is replaced by an internal ovirt-engine implementation. \n\nWhen upgrading from earlier Red Hat Virtualization versions to RHV 4.4.10, the ovirt-engine-extension-logger-log4j package is uninstalled if it is present. If you used the ovirt-engine-extension-logger-log4j in earlier Red Hat Virtualization versions, you must manually remove the ovirt-engine-extension-logger-log4j configuration files and configure the new feature for sending log records to a remote syslog service, as outlined in the Administration Guide.\n\nAfter a successful upgrade to RHV 4.4.10, you can uninstall log4j12 without breaking the Red Hat Virtualization setup by running the following command: `$ dnf remove log4j12`. (BZ#2044277)\n\n* Previously, when preparing a host with FIPS kernel parameters enabled, the boot UUID parameter was blank after reboot. In this release, the UUID is present in the kernel arguments. Enabling FIPS does not change the UUID after reboot. (BZ#2013430)\n\n* Because installing the self-hosted engine with Cockpit is deprecated, the 'Installing Red Hat Virtualization as a self-hosted engine using the Cockpit web interface' link\non the Red Hat Virtualization Administration Portal login page has been replaced with the \"Installing Red Hat Virtualization as a self-hosted engine using the command line\" link. (BZ#1992476)\n\n* In this release, Red Hat Virtualization 4.4.10 requires snmp4j version 3.6.4 or later, which no longer depends on the log4j library. (BZ#2044257)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T16:46:22", "type": "redhat", "title": "(RHSA-2022:0475) Low: RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1]", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-08T16:47:51", "id": "RHSA-2022:0475", "href": "https://access.redhat.com/errata/RHSA-2022:0475", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 7.3.9 replaces Data Grid 7.3.8 and includes bug fixes and enhancements. Find out more about Data Grid 7.3.8 in the Release Notes [3].\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T13:55:10", "type": "redhat", "title": "(RHSA-2022:0430) Important: Red Hat Data Grid 7.3.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T13:56:19", "id": "RHSA-2022:0430", "href": "https://access.redhat.com/errata/RHSA-2022:0430", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 14 serves as a replacement for Red Hat JBoss Web Server 3.1 Service Pack 13. This release includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-eap6: log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink [jws-3] (CVE-2022-23302)\n* log4j-eap6: log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [jws-3] (CVE-2022-23305)\n* log4j-eap6: log4j: Unsafe deserialization flaw in Chainsaw log viewer [jws-3] (CVE-2022-23307)\n* log4j-eap6: log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [jws-3.1] (CVE-2021-4104)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-14T16:57:56", "type": "redhat", "title": "(RHSA-2022:0524) Low: Red Hat JBoss Web Server 3.1 Service Pack 14 Security Update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-14T17:02:02", "id": "RHSA-2022:0524", "href": "https://access.redhat.com/errata/RHSA-2022:0524", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T18:34:46", "type": "redhat", "title": "(RHSA-2022:0437) Important: Red Hat JBoss Enterprise Application Platform 6.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T18:35:46", "id": "RHSA-2022:0437", "href": "https://access.redhat.com/errata/RHSA-2022:0437", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "This release of Red Hat Fuse 7.10.1 serves as a replacement for Red Hat Fuse 7.10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-23T14:02:20", "type": "redhat", "title": "(RHSA-2022:0661) Moderate: Red Hat Fuse 7.10.1 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-23T14:03:26", "id": "RHSA-2022:0661", "href": "https://access.redhat.com/errata/RHSA-2022:0661", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T18:14:45", "type": "redhat", "title": "(RHSA-2022:0435) Important: Red Hat JBoss Enterprise Application Platform 7.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T18:16:14", "id": "RHSA-2022:0435", "href": "https://access.redhat.com/errata/RHSA-2022:0435", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. See the download link given in the references section below.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-15T18:50:03", "type": "redhat", "title": "(RHSA-2022:0553) Important: Red Hat JBoss Fuse/A-MQ 6.3 R20 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-15T18:50:53", "id": "RHSA-2022:0553", "href": "https://access.redhat.com/errata/RHSA-2022:0553", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-26T14:34:09", "type": "redhat", "title": "(RHSA-2022:0294) Important: parfait:0.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-01-26T14:36:10", "id": "RHSA-2022:0294", "href": "https://access.redhat.com/errata/RHSA-2022:0294", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-26T14:29:29", "type": "redhat", "title": "(RHSA-2022:0291) Important: parfait:0.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-01-26T14:35:27", "id": "RHSA-2022:0291", "href": "https://access.redhat.com/errata/RHSA-2022:0291", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-26T14:24:33", "type": "redhat", "title": "(RHSA-2022:0289) Important: parfait:0.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-01-26T14:32:40", "id": "RHSA-2022:0289", "href": "https://access.redhat.com/errata/RHSA-2022:0289", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.\n\nThis erratum releases a new image for Red Hat Single Sign-On 7.5.1 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.9 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:42:51", "type": "redhat", "title": "(RHSA-2022:0450) Moderate: Red Hat Single Sign-On 7.5.1 for OpenShift image security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:43:05", "id": "RHSA-2022:0450", "href": "https://access.redhat.com/errata/RHSA-2022:0450", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T18:34:47", "type": "redhat", "title": "(RHSA-2022:0438) Important: Red Hat JBoss Enterprise Application Platform 6.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T18:38:09", "id": "RHSA-2022:0438", "href": "https://access.redhat.com/errata/RHSA-2022:0438", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:34:59", "type": "redhat", "title": "(RHSA-2022:0446) Moderate: Red Hat Single Sign-On 7.4.10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:35:59", "id": "RHSA-2022:0446", "href": "https://access.redhat.com/errata/RHSA-2022:0446", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T18:14:46", "type": "redhat", "title": "(RHSA-2022:0436) Important: Red Hat JBoss Enterprise Application Platform 7.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T18:18:29", "id": "RHSA-2022:0436", "href": "https://access.redhat.com/errata/RHSA-2022:0436", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 14 serves as a replacement for Red Hat JBoss Web Server 3.1 Service Pack 12. This release includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-eap6: log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink [jws-3] (CVE-2022-23302)\n* log4j-eap6: log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [jws-3] (CVE-2022-23305)\n* log4j-eap6: log4j: Unsafe deserialization flaw in Chainsaw log viewer [jws-3] (CVE-2022-23307)\n* log4j-eap6: log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [jws-3.1] (CVE-2021-4104)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-14T17:25:44", "type": "redhat", "title": "(RHSA-2022:0527) Low: Red Hat JBoss Web Server 3.1 Service Pack 14 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-14T17:26:59", "id": "RHSA-2022:0527", "href": "https://access.redhat.com/errata/RHSA-2022:0527", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-26T14:27:19", "type": "redhat", "title": "(RHSA-2022:0290) Important: parfait:0.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-01-26T14:32:06", "id": "RHSA-2022:0290", "href": "https://access.redhat.com/errata/RHSA-2022:0290", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T18:49:50", "type": "redhat", "title": "(RHSA-2022:0439) Important: rh-maven36-log4j12 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-03T18:54:28", "id": "RHSA-2022:0439", "href": "https://access.redhat.com/errata/RHSA-2022:0439", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T09:41:50", "type": "redhat", "title": "(RHSA-2022:0442) Important: log4j security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T09:51:49", "id": "RHSA-2022:0442", "href": "https://access.redhat.com/errata/RHSA-2022:0442", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.5.1 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* undertow: client side invocation timeout raised when calling over HTTP and\nHTTP2 (CVE-2021-3859)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to\nuse JMSSink (CVE-2022-23302)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use\nJDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to\nuse JMSAppender (CVE-2021-4104)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:39:31", "type": "redhat", "title": "(RHSA-2022:0448) Important: Red Hat Single Sign-On 7.5.1 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3859", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:43:46", "id": "RHSA-2022:0448", "href": "https://access.redhat.com/errata/RHSA-2022:0448", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.5.1 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:40:06", "type": "redhat", "title": "(RHSA-2022:0449) Moderate: Red Hat Single Sign-On 7.5.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2022-1466", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-26T17:26:13", "id": "RHSA-2022:0449", "href": "https://access.redhat.com/errata/RHSA-2022:0449", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.5.1 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* undertow: client side invocation timeout raised when calling over HTTP and HTTP2 (CVE-2021-3859)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to\nuse JMSSink (CVE-2022-23302)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use\nJDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to\nuse JMSAppender (CVE-2021-4104)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:39:29", "type": "redhat", "title": "(RHSA-2022:0447) Important: Red Hat Single Sign-On 7.5.1 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3859", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:43:50", "id": "RHSA-2022:0447", "href": "https://access.redhat.com/errata/RHSA-2022:0447", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-30T12:45:50", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-30T17:55:51", "type": "redhat", "title": "(RHSA-2022:5459) Important: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13935", "CVE-2020-14384", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-30T18:32:11", "id": "RHSA-2022:5459", "href": "https://access.redhat.com/errata/RHSA-2022:5459", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-30T12:45:50", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-30T17:56:34", "type": "redhat", "title": "(RHSA-2022:5460) Important: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13935", "CVE-2020-14384", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-30T18:34:46", "id": "RHSA-2022:5460", "href": "https://access.redhat.com/errata/RHSA-2022:5460", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-30T12:45:50", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-30T17:55:13", "type": "redhat", "title": "(RHSA-2022:5458) Important: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13935", "CVE-2020-14384", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-30T18:11:06", "id": "RHSA-2022:5458", "href": "https://access.redhat.com/errata/RHSA-2022:5458", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-27T10:23:09", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.1 serves as a replacement for Red Hat AMQ Streams 2.0.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T13:46:22", "type": "redhat", "title": "(RHSA-2022:0469) Important: Red Hat AMQ Streams 2.0.1 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4178", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-08T13:47:22", "id": "RHSA-2022:0469", "href": "https://access.redhat.com/errata/RHSA-2022:0469", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-27T10:23:09", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T12:43:39", "type": "redhat", "title": "(RHSA-2022:0467) Important: Red Hat AMQ Streams 1.6.7 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4178", "CVE-2021-44832", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-08T12:44:29", "id": "RHSA-2022:0467", "href": "https://access.redhat.com/errata/RHSA-2022:0467", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-11T12:43:56", "type": "redhat", "title": "(RHSA-2022:1296) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2021-44228", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-11T12:49:52", "id": "RHSA-2022:1296", "href": "https://access.redhat.com/errata/RHSA-2022:1296", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-11T12:57:11", "type": "redhat", "title": "(RHSA-2022:1299) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2021-44228", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-11T12:57:22", "id": "RHSA-2022:1299", "href": "https://access.redhat.com/errata/RHSA-2022:1299", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-11T12:43:59", "type": "redhat", "title": "(RHSA-2022:1297) Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4104", "CVE-2021-44228", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-11T12:49:51", "id": "RHSA-2022:1297", "href": "https://access.redhat.com/errata/RHSA-2022:1297", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-04T12:27:59", "description": "This release of Red Hat build of Eclipse Vert.x 3.9.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-06-17T12:44:30", "type": "redhat", "title": "(RHSA-2020:2391) Low: Red Hat build of Eclipse Vert.x 3.9.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9488"], "modified": "2020-06-17T13:41:03", "id": "RHSA-2020:2391", "href": "https://access.redhat.com/errata/RHSA-2020:2391", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-16T15:27:35", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n* log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-15T10:01:13", "type": "redhat", "title": "(RHSA-2022:5053) Important: log4j security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2022-06-15T10:13:18", "id": "RHSA-2022:5053", "href": "https://access.redhat.com/errata/RHSA-2022:5053", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-06-14T15:07:10", "description": "## Releases\n\n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * apache-log4j1.2 \\- Java-based open-source logging tool\n\nIt was discovered that the SocketServer component of Apache Log4j 1.2 \nincorrectly handled deserialization. An attacker could possibly use this issue \nto execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. \n(CVE-2019-17571)\n\nIt was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly \nhandled deserialization. An attacker could possibly use this issue to execute \narbitrary code. (CVE-2022-23302)\n\nIt was discovered that Apache Log4j 1.2 incorrectly handled certain SQL \nstatements. A remote attacker could possibly use this issue to perform an SQL \ninjection attack and alter the database. This issue was only fixed in Ubuntu \n18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305)\n\nIt was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly \nhandled deserialization. An attacker could possibly use this issue to execute \narbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 \nLTS. (CVE-2022-23307)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-05T00:00:00", "type": "ubuntu", "title": "Apache Log4j vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-04-05T00:00:00", "id": "USN-5998-1", "href": "https://ubuntu.com/security/notices/USN-5998-1", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-07-24T23:51:00", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * apache-log4j1.2 \\- Java-based open-source logging tool\n\nIt was discovered that Apache Log4j does not properly deserialize \nuntrusted data. An attacker could possibly use this issue to remotely \nexecute arbitrary code. (CVE-2019-17571)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-15T00:00:00", "type": "ubuntu", "title": "Apache Log4j vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17571"], "modified": "2020-09-15T00:00:00", "id": "USN-4495-1", "href": "https://ubuntu.com/security/notices/USN-4495-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:39:40", "description": "According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no longer supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple vulnerabilities, including :\n\n - Log4j includes a SocketServer that accepts serialized log events and deserializes them without verifying whether the objects are allowed or not. This can provide an attack vector that can be exploited. (CVE-2019-17571)\n\n - Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. (CVE-2020-9488)\n\n - JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is configured to reference an untrusted site or if the site referenced can be accesseed by the attacker.\n (CVE-2022-23302)\n\nLack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.", "cvss3": {}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "Apache Log4j 1.x Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17571", "CVE-2020-9488", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2023-26464"], "modified": "2023-03-13T00:00:00", "cpe": ["cpe:/a:apache:log4j"], "id": "APACHE_LOG4J_1_X_MULTIPLE_VULNERABILITIES.NASL", "href": "https://www.tenable.com/plugins/nessus/156860", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156860);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/13\");\n\n script_cve_id(\n \"CVE-2019-17571\",\n \"CVE-2020-9488\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\",\n \"CVE-2023-26464\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Apache Log4j 1.x Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A logging library running on the remote host has multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no\nlonger supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple\nvulnerabilities, including :\n\n - Log4j includes a SocketServer that accepts serialized log events and deserializes them without verifying whether\n the objects are allowed or not. This can provide an attack vector that can be exploited. (CVE-2019-17571)\n\n - Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS\n connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that\n appender. (CVE-2020-9488)\n\n - JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is\n configured to reference an untrusted site or if the site referenced can be accesseed by the attacker.\n (CVE-2022-23302)\n\nLack of support implies that no new security patches for the product will be released by the vendor. As a result, it is\nlikely to contain security vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://logging.apache.org/log4j/1.2/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to a version of Apache Log4j that is currently supported.\n\nUpgrading to the latest versions for Apache Log4j is highly recommended as intermediate \nversions / patches have known high severity vulnerabilities and the vendor is updating \ntheir advisories often as new research and knowledge about the impact of Log4j is \ndiscovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest \nversions.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:log4j\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_log4j_win_installed.nbin\", \"apache_log4j_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Log4j\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'Apache Log4j';\nvar win_local = FALSE;\n\nif (get_kb_item('SMB/Registry/Enumerated'))\n win_local = TRUE;\n\nvar app_info = vcf::get_app_info(app:app, win_local:win_local);\n\nvar ver = app_info['version'];\nvar path = app_info['path'];\nvar port = app_info['port'];\n\nif (!port)\n port = 0;\n\n# audit if version >= 2\nif (ver_compare(ver:ver, fix:'2.0', strict:FALSE) >= 0)\n vcf::audit(app_info);\n\nvar report = strcat(\n '\\n Path : ', path,\n '\\n Installed version : ', ver,\n '\\n');\n\nsecurity_report_v4(severity:SECURITY_HOLE, port:port, extra:report);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:32:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0294 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-08T00:00:00", "type": "nessus", "title": "RHEL 8 : parfait:0.5 (RHSA-2022:0294)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:parfait", "p-cpe:/a:redhat:enterprise_linux:parfait-examples", "p-cpe:/a:redhat:enterprise_linux:parfait-javadoc", "p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent", "p-cpe:/a:redhat:enterprise_linux:si-units", "p-cpe:/a:redhat:enterprise_linux:si-units-javadoc", "p-cpe:/a:redhat:enterprise_linux:unit-api", "p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-lib", "p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-parent", "p-cpe:/a:redhat:enterprise_linux:uom-se", "p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-systems", "p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc"], "id": "REDHAT-RHSA-2022-0294.NASL", "href": "https://www.tenable.com/plugins/nessus/164861", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0294. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164861);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0294\");\n\n script_name(english:\"RHEL 8 : parfait:0.5 (RHSA-2022:0294)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0294 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'parfait:0.5': [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'parfait-0.5.4-4.module+el8.1.0+14000+df5fdac7', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-examples-0.5.4-4.module+el8.1.0+14000+df5fdac7', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-javadoc-0.5.4-4.module+el8.1.0+14000+df5fdac7', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcp-parfait-agent-0.5.4-4.module+el8.1.0+14000+df5fdac7', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-0.6.5-2.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-javadoc-0.6.5-2.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-1.0-5.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-javadoc-1.0-5.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-1.0.1-6.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-javadoc-1.0.1-6.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-parent-1.0.3-3.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-1.0.4-3.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-javadoc-1.0.4-3.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-0.7-1.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-javadoc-0.7-1.module+el8+2463+615f6896', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/parfait');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\nif ('0.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module parfait:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'parfait / parfait-examples / parfait-javadoc / pcp-parfait-agent / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:01", "description": "The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0436 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-04T00:00:00", "type": "nessus", "title": "RHEL 7 / 8 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2022:0436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2022-0436.NASL", "href": "https://www.tenable.com/plugins/nessus/157376", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0436. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157376);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0436\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 7 / 8 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2022:0436)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0436 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected eap7-log4j-jboss-logmanager package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['7','8'])) audit(AUDIT_OS_NOT, 'Red Hat 7.x / 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/jbeap/7.4/debug',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.4/os',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-log4j-jboss-logmanager-1.2.2-1.Final_redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-log4j-jboss-logmanager-1.2.2-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-log4j-jboss-logmanager');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:31:54", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0291 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-08T00:00:00", "type": "nessus", "title": "RHEL 8 : parfait:0.5 (RHSA-2022:0291)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:parfait", "p-cpe:/a:redhat:enterprise_linux:parfait-examples", "p-cpe:/a:redhat:enterprise_linux:parfait-javadoc", "p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent", "p-cpe:/a:redhat:enterprise_linux:si-units", "p-cpe:/a:redhat:enterprise_linux:si-units-javadoc", "p-cpe:/a:redhat:enterprise_linux:unit-api", "p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-lib", "p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-parent", "p-cpe:/a:redhat:enterprise_linux:uom-se", "p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-systems", "p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc"], "id": "REDHAT-RHSA-2022-0291.NASL", "href": "https://www.tenable.com/plugins/nessus/164870", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0291. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164870);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0291\");\n\n script_name(english:\"RHEL 8 : parfait:0.5 (RHSA-2022:0291)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0291 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'parfait:0.5': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'parfait-0.5.4-4.module+el8.2.0+13999+fa2fb353', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-examples-0.5.4-4.module+el8.2.0+13999+fa2fb353', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-javadoc-0.5.4-4.module+el8.2.0+13999+fa2fb353', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcp-parfait-agent-0.5.4-4.module+el8.2.0+13999+fa2fb353', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-0.6.5-2.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-javadoc-0.6.5-2.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-1.0-5.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-javadoc-1.0-5.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-1.0.1-6.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-javadoc-1.0.1-6.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-parent-1.0.3-3.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-1.0.4-3.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-javadoc-1.0.4-3.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-0.7-1.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-javadoc-0.7-1.module+el8+2463+615f6896', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/parfait');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\nif ('0.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module parfait:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'parfait / parfait-examples / parfait-javadoc / pcp-parfait-agent / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:35:24", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0290 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-11T00:00:00", "type": "nessus", "title": "RHEL 8 : parfait:0.5 (RHSA-2022:0290)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:parfait", "p-cpe:/a:redhat:enterprise_linux:parfait-examples", "p-cpe:/a:redhat:enterprise_linux:parfait-javadoc", "p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent", "p-cpe:/a:redhat:enterprise_linux:si-units", "p-cpe:/a:redhat:enterprise_linux:si-units-javadoc", "p-cpe:/a:redhat:enterprise_linux:unit-api", "p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-lib", "p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-parent", "p-cpe:/a:redhat:enterprise_linux:uom-se", "p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-systems", "p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc"], "id": "REDHAT-RHSA-2022-0290.NASL", "href": "https://www.tenable.com/plugins/nessus/157904", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0290. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157904);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n script_xref(name:\"RHSA\", value:\"2022:0290\");\n\n script_name(english:\"RHEL 8 : parfait:0.5 (RHSA-2022:0290)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0290 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'parfait:0.5': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'parfait-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-examples-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-javadoc-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcp-parfait-agent-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-0.6.5-2.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-javadoc-0.6.5-2.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-1.0-5.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-javadoc-1.0-5.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-1.0.1-6.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-javadoc-1.0.1-6.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-parent-1.0.3-3.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-1.0.4-3.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-javadoc-1.0.4-3.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-0.7-1.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-javadoc-0.7-1.module+el8+2463+615f6896', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'parfait-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-examples-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-javadoc-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcp-parfait-agent-0.5.4-4.module+el8.5.0+13988+de2b8c0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-0.6.5-2.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-javadoc-0.6.5-2.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-1.0-5.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-javadoc-1.0-5.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-1.0.1-6.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-javadoc-1.0.1-6.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-parent-1.0.3-3.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-1.0.4-3.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-javadoc-1.0.4-3.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-0.7-1.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-javadoc-0.7-1.module+el8+2463+615f6896', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/parfait');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\nif ('0.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module parfait:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'parfait / parfait-examples / parfait-javadoc / pcp-parfait-agent / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:15:32", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0475 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1] (Low) (RHSA-2022:0475)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm", "p-cpe:/a:redhat:enterprise_linux:snmp4j", "p-cpe:/a:redhat:enterprise_linux:snmp4j-javadoc"], "id": "REDHAT-RHSA-2022-0475.NASL", "href": "https://www.tenable.com/plugins/nessus/157854", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0475. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157854);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0475\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1] (Low) (RHSA-2022:0475)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0475 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:snmp4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:snmp4j-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.4.10.6-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'snmp4j-3.6.4-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'snmp4j-javadoc-3.6.4-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:43", "description": "The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0438 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-04T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : Red Hat JBoss Enterprise Application Platform 6.4 (RHSA-2022:0438)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:log4j-eap6"], "id": "REDHAT-RHSA-2022-0438.NASL", "href": "https://www.tenable.com/plugins/nessus/157374", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0438. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157374);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0438\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 6 / 7 : Red Hat JBoss Enterprise Application Platform 6.4 (RHSA-2022:0438)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0438 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j-eap6 and / or log4j-jboss-logmanager packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-eap6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['6','7'])) audit(AUDIT_OS_NOT, 'Red Hat 6.x / 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.3/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.3/os',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.3/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.4/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.4/os',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6.4/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6/os',\n 'content/dist/rhel/power/6/6Server/ppc64/jbeap/6/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.3/debug',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.3/os',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.3/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.4/debug',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.4/os',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6.4/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6/debug',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6/os',\n 'content/dist/rhel/server/6/6Server/i386/jbeap/6/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.3/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.3/os',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.3/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.4/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.4/os',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6.4/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6/os',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/6/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-eap6-1.2.17-3.redhat_00008.1.ep6.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap6-jboss'},\n {'reference':'log4j-jboss-logmanager-1.1.4-3.Final_redhat_00002.1.ep6.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap6-jboss'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.3/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.3/os',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.3/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.4/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.4/os',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6.4/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6/os',\n 'content/dist/rhel/power/7/7Server/ppc64/jbeap/6/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6.4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6/os',\n 'content/dist/rhel/server/7/7Server/x86_64/jbeap/6/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-eap6-1.2.17-3.redhat_00008.1.ep6.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap6-jboss'},\n {'reference':'log4j-jboss-logmanager-1.1.4-3.Final_redhat_00002.1.ep6.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap6-jboss'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j-eap6 / log4j-jboss-logmanager');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:32:42", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0289 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-08T00:00:00", "type": "nessus", "title": "RHEL 8 : parfait:0.5 (RHSA-2022:0289)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:parfait", "p-cpe:/a:redhat:enterprise_linux:parfait-examples", "p-cpe:/a:redhat:enterprise_linux:parfait-javadoc", "p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent", "p-cpe:/a:redhat:enterprise_linux:si-units", "p-cpe:/a:redhat:enterprise_linux:si-units-javadoc", "p-cpe:/a:redhat:enterprise_linux:unit-api", "p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-lib", "p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-parent", "p-cpe:/a:redhat:enterprise_linux:uom-se", "p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc", "p-cpe:/a:redhat:enterprise_linux:uom-systems", "p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc"], "id": "REDHAT-RHSA-2022-0289.NASL", "href": "https://www.tenable.com/plugins/nessus/164872", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0289. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164872);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0289\");\n\n script_name(english:\"RHEL 8 : parfait:0.5 (RHSA-2022:0289)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0289 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:parfait-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcp-parfait-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:si-units-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unit-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-lib-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-se-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:uom-systems-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'parfait:0.5': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'parfait-0.5.4-4.module+el8.4.0+13998+1b70e2b7', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-examples-0.5.4-4.module+el8.4.0+13998+1b70e2b7', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'parfait-javadoc-0.5.4-4.module+el8.4.0+13998+1b70e2b7', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcp-parfait-agent-0.5.4-4.module+el8.4.0+13998+1b70e2b7', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-0.6.5-2.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'si-units-javadoc-0.6.5-2.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-1.0-5.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'unit-api-javadoc-1.0-5.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-1.0.1-6.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-lib-javadoc-1.0.1-6.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-parent-1.0.3-3.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-1.0.4-3.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-se-javadoc-1.0.4-3.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-0.7-1.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'uom-systems-javadoc-0.7-1.module+el8+2463+615f6896', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/parfait');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\nif ('0.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module parfait:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module parfait:0.5');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'parfait / parfait-examples / parfait-javadoc / pcp-parfait-agent / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:29", "description": "The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5998-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\n - Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.\n (CVE-2019-17571)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Apache Log4j vulnerabilities (USN-5998-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17571", "CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-04-19T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:liblog4j1.2-java"], "id": "UBUNTU_USN-5998-1.NASL", "href": "https://www.tenable.com/plugins/nessus/173949", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5998-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173949);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/19\");\n\n script_cve_id(\n \"CVE-2019-17571\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"USN\", value:\"5998-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Apache Log4j vulnerabilities (USN-5998-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple\nvulnerabilities as referenced in the USN-5998-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\n - Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data\n which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when\n listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.\n (CVE-2019-17571)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5998-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected liblog4j1.2-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblog4j1.2-java\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'liblog4j1.2-java', 'pkgver': '1.2.17-7ubuntu1+esm1'},\n {'osver': '18.04', 'pkgname': 'liblog4j1.2-java', 'pkgver': '1.2.17-8+deb10u1ubuntu0.2'},\n {'osver': '20.04', 'pkgname': 'liblog4j1.2-java', 'pkgver': '1.2.17-9ubuntu0.2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'liblog4j1.2-java');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:14:56", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0524 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-14T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat JBoss Web Server 3.1 Service Pack 14 Security Update (Low) (RHSA-2022:0524)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:log4j-eap6", "p-cpe:/a:redhat:enterprise_linux:tomcat-native", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsvc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-selinux", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat8", "p-cpe:/a:redhat:enterprise_linux:tomcat8-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat8-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat8-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat8-jsp-2.3-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-jsvc", "p-cpe:/a:redhat:enterprise_linux:tomcat8-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat8-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat8-selinux", "p-cpe:/a:redhat:enterprise_linux:tomcat8-servlet-3.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-webapps"], "id": "REDHAT-RHSA-2022-0524.NASL", "href": "https://www.tenable.com/plugins/nessus/158057", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0524. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158057);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0524\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 7 : Red Hat JBoss Web Server 3.1 Service Pack 14 Security Update (Low) (RHSA-2022:0524)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0524 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-jsp-2.3-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-servlet-3.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-webapps\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/7/7Server/x86_64/jws/3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/jws/3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/jws/3/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-eap6-1.2.17-3.redhat_00008.1.ep6.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat-native-1.2.23-26.redhat_26.ep7.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-admin-webapps-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-docs-webapp-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-el-2.2-api-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-javadoc-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-jsp-2.2-api-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-jsvc-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-lib-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-log4j-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-selinux-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-servlet-3.0-api-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat7-webapps-7.0.70-46.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-admin-webapps-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-docs-webapp-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-el-2.2-api-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-javadoc-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-jsp-2.3-api-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-jsvc-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-lib-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-log4j-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-selinux-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-servlet-3.1-api-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'},\n {'reference':'tomcat8-webapps-8.0.36-49.ep7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'jws-3'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j-eap6 / tomcat-native / tomcat7 / tomcat7-admin-webapps / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:16", "description": "The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0442 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-08T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : log4j (RHSA-2022:0442)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:rhel_aus:7.3", "cpe:/o:redhat:rhel_aus:7.4", "cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_els:6", "cpe:/o:redhat:rhel_tus:7.6", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:log4j", "p-cpe:/a:redhat:enterprise_linux:log4j-javadoc", "p-cpe:/a:redhat:enterprise_linux:log4j-manual"], "id": "REDHAT-RHSA-2022-0442.NASL", "href": "https://www.tenable.com/plugins/nessus/157417", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0442. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157417);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"RHSA\", value:\"2022:0442\");\n\n script_name(english:\"RHEL 6 / 7 : log4j (RHSA-2022:0442)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0442 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0442\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j, log4j-javadoc and / or log4j-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-manual\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['6','7'])) audit(AUDIT_OS_NOT, 'Red Hat 6.x / 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.3/x86_64/debug',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.3/x86_64/os',\n 'content/aus/rhel/server/7/7.3/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.17-17.el7_3', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-17.el7_3', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-17.el7_3', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.4/x86_64/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.4/x86_64/os',\n 'content/aus/rhel/server/7/7.4/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.17-18.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.17-18.el7_4', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.17-18.el7_4', 'sp':'7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'sp':'7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'sp':'7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/6/6Client/i386/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/os',\n 'content/dist/rhel/client/6/6Client/i386/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/os',\n 'content/dist/rhel/client/6/6Client/i386/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/os',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/os',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/os',\n 'content/dist/rhel/client/6/6Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/os',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/optional/debug',\n 'content/dist/rhel/server/6/6Server/i386/optional/os',\n 'content/dist/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/os',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/os',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/os',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/os',\n 'content/els/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/os',\n 'content/els/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/os',\n 'content/els/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/os',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/os',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/os',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/debug',\n 'content/fastrack/rhel/client/6/i386/optional/debug',\n 'content/fastrack/rhel/client/6/i386/optional/os',\n 'content/fastrack/rhel/client/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/os',\n 'content/fastrack/rhel/client/6/i386/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/os',\n 'content/fastrack/rhel/client/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/os',\n 'content/fastrack/rhel/client/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/os',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/os',\n 'content/fastrack/rhel/server/6/i386/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/os',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/optional/debug',\n 'content/fastrack/rhel/server/6/i386/optional/os',\n 'content/fastrack/rhel/server/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/server/6/x86_64/hpn/os',\n 'content/fastrack/rhel/server/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/os',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/optional/debug',\n 'content/fastrack/rhel/server/6/x86_64/optional/os',\n 'content/fastrack/rhel/server/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/6/s390x/debug',\n 'content/fastrack/rhel/system-z/6/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/6/s390x/optional/os',\n 'content/fastrack/rhel/system-z/6/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/6/s390x/os',\n 'content/fastrack/rhel/system-z/6/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/os',\n 'content/fastrack/rhel/workstation/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/os',\n 'content/fastrack/rhel/workstation/6/i386/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'log4j-1.2.14-6.6.el6_10', 'cpu':'i686', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-1.2.14-6.6.el6_10', 'cpu':'s390x', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-1.2.14-6.6.el6_10', 'cpu':'x86_64', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.14-6.6.el6_10', 'cpu':'i686', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.14-6.6.el6_10', 'cpu':'s390x', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.14-6.6.el6_10', 'cpu':'x86_64', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.14-6.6.el6_10', 'cpu':'i686', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.14-6.6.el6_10', 'cpu':'s390x', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.14-6.6.el6_10', 'cpu':'x86_64', 'release':'6', 'el_string':'el6_10', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-javadoc / log4j-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:36:20", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0439 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-04T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven36-log4j12 (RHSA-2022:0439)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven36-log4j12", "p-cpe:/a:redhat:enterprise_linux:rh-maven36-log4j12-javadoc"], "id": "REDHAT-RHSA-2022-0439.NASL", "href": "https://www.tenable.com/plugins/nessus/157375", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0439. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157375);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"RHSA\", value:\"2022:0439\");\n\n script_name(english:\"RHEL 7 : rh-maven36-log4j12 (RHSA-2022:0439)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0439 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven36-log4j12 and / or rh-maven36-log4j12-javadoc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(89, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven36-log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven36-log4j12-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-maven36-log4j12-1.2.17-23.4.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-maven36-log4j12-javadoc-1.2.17-23.4.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven36-log4j12 / rh-maven36-log4j12-javadoc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:48:56", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0448 advisory.\n\n - undertow: client side invocation timeout raised when calling over HTTP2 (CVE-2021-3859)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-08T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Single Sign-On 7.5.1 security update on RHEL 8 (Important) (RHSA-2022:0448)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3859", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server"], "id": "REDHAT-RHSA-2022-0448.NASL", "href": "https://www.tenable.com/plugins/nessus/157455", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0448. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157455);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2021-3859\",\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0448\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 8 : Red Hat Single Sign-On 7.5.1 security update on RHEL 8 (Important) (RHSA-2022:0448)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0448 advisory.\n\n - undertow: client side invocation timeout raised when calling over HTTP2 (CVE-2021-3859)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2010378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 214, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.3/debug',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.3/os',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.3/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.4/debug',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.4/os',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.5/debug',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.5/os',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.5/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.6/debug',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.6/os',\n 'content/dist/layered/rhel8/x86_64/rh-sso/7.6/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-sso7-keycloak-15.0.4-1.redhat_00003.1.el8sso', 'release':'8', 'el_string':'el8sso', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-sso'},\n {'reference':'rh-sso7-keycloak-server-15.0.4-1.redhat_00003.1.el8sso', 'release':'8', 'el_string':'el8sso', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-sso'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-sso7-keycloak / rh-sso7-keycloak-server');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:47:49", "description": "The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0226-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : log4j12 (SUSE-SU-2022:0226-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:log4j12", "p-cpe:/a:novell:suse_linux:log4j12-javadoc", "p-cpe:/a:novell:suse_linux:log4j12-manual", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0226-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157233", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0226-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157233);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0226-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : log4j12 (SUSE-SU-2022:0226-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0226-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23307\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010135.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?81f99df9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j12, log4j12-javadoc and / or log4j12-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j12-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j12-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.4']},\n {'reference':'log4j12-1.2.17-4.9.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.4']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.4']},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.4']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.4']},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j12 / log4j12-javadoc / log4j12-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:41:11", "description": "The version of Atlassian Jira installed on the remote host is prior to 8.13.x < 8.13.21 / 8.20.x < 8.20.9 / 8.22.x < 8.22.3 / 9.0.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73885 advisory.\n\n - The version of {{log4j}} used by Jira has been updated from version *1.2.7-atlassian-3* to\n *1.2.7-atlassian-16* to address the following vulnerabilities:\n [CVE-2021-4104|https://vulners.com/cve/CVE-2021-4104] JMSAppender is vulnerable to a deserialization flaw. A local attacker with privileges to update the Jira configuration can exploit this to execute arbitrary code. Jira is not configured to use JMSAppender, nor does Atlassian provide any documentation on using JMSAppender with Jira. Atlassian has [remediated this vulnerability by preventing external JNDI lookups|https://bitbucket.org/atlassian/log4j1/pull-requests/9] in the Atlassian version of {{{}log4j{}}}. [CVE-2020-9493|https://vulners.com/cve/CVE-2020-9493] and [CVE-2022-23307|https://vulners.com/cve/CVE-2022-23307] Apache Chainsaw is bundled with {{log4j}} 1.2.x, and is vulnerable to a deserialization flaw. A remote, unauthenticated attacker could exploit this to execute arbitrary code. Please note that Chainsaw is a log viewer that is designed to be executed manually. It is not required by Jira, nor is it executed by default, nor does Atlassian provide any documentation on using Chainsaw with Jira. Atlassian has [remediated this vulnerability by removing Chainsaw|https://bitbucket.org/atlassian/log4j1/commits/3a06f7e94efa98331a875532212a3005fd9766d0] from the Atlassian version of {{{}log4j{}}}. [CVE-2022-23302|https://vulners.com/cve/CVE-2022-23302] JMSSink is vulnerable to a deserialization flaw. A local attacker with privileges to update the Jira configuration can exploit this to execute arbitrary code. Jira is not configured to use JMSSink by default, nor does Atlassian provide any documentation on using JMSSink with Jira. Atlassian has [remediated this vulnerability by removing JMSSink|https://bitbucket.org/atlassian/log4j1/commits/48b34334e5278dfd52b361b1ec6943ca4c3b997e] from the Atlassian version of {{{}log4j{}}}. [CVE-2022-23305|https://vulners.com/cve/CVE-2022-23305] JDBCAppender is vulnerable to a SQL injection flaw when configured to use the message converter ({{{}%m{}}}). A remote, unauthenticated attacker can exploit this to execute arbitrary SQL queries. Jira is not configured to use JDBCAppender by default, nor does Atlassian provide any documentation on using JDBCAppender with Jira. Atlassian has [remediated this vulnerability by removing JDBCAppender|https://bitbucket.org/atlassian/log4j1/commits/b933fe460d64ccfc027b4efee74a5ce1875fe3be] from the Atlassian version of {{{}log4j{}}}. Affected versions of Jira: * Versions < 8.13.21 * All versions 8.14.x through 8.19.x * Versions 8.21.x * Versions 8.22.x < 8.22.3 Fixed versions of Jira: * Versions 8.13.x >= 8.13.21 * Versions 8.20.x >= 8.20.9 * Versions 8.22.x >= 8.22.3 * Versions >= 9.0.0 (atlassian- JRASERVER-73885)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-18T00:00:00", "type": "nessus", "title": "Atlassian Jira 8.13.x < 8.13.21 / 8.20.x < 8.20.9 / 8.22.x < 8.22.3 / 9.0.0 SQLI (JRASERVER-73885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-06-19T00:00:00", "cpe": ["cpe:/a:atlassian:jira"], "id": "JIRA_9_0_0_JRASERVER-73885.NASL", "href": "https://www.tenable.com/plugins/nessus/162398", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162398);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/19\");\n\n script_cve_id(\"CVE-2020-9493\");\n\n script_name(english:\"Atlassian Jira 8.13.x < 8.13.21 / 8.20.x < 8.20.9 / 8.22.x < 8.22.3 / 9.0.0 SQLI (JRASERVER-73885)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Atlassian Jira host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Atlassian Jira installed on the remote host is prior to 8.13.x < 8.13.21 / 8.20.x < 8.20.9 / 8.22.x <\n8.22.3 / 9.0.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73885 advisory.\n\n - The version of {{log4j}} used by Jira has been updated from version *1.2.7-atlassian-3* to\n *1.2.7-atlassian-16* to address the following vulnerabilities:\n [CVE-2021-4104|https://www.cve.org/CVERecord?id=CVE-2021-4104] JMSAppender is vulnerable to a\n deserialization flaw. A local attacker with privileges to update the Jira configuration can exploit this\n to execute arbitrary code. Jira is not configured to use JMSAppender, nor does Atlassian provide any\n documentation on using JMSAppender with Jira. Atlassian has [remediated this vulnerability by preventing\n external JNDI lookups|https://bitbucket.org/atlassian/log4j1/pull-requests/9] in the Atlassian version of\n {{{}log4j{}}}. [CVE-2020-9493|https://www.cve.org/CVERecord?id=CVE-2020-9493] and\n [CVE-2022-23307|https://www.cve.org/CVERecord?id=CVE-2022-23307] Apache Chainsaw is bundled with {{log4j}}\n 1.2.x, and is vulnerable to a deserialization flaw. A remote, unauthenticated attacker could exploit this\n to execute arbitrary code. Please note that Chainsaw is a log viewer that is designed to be executed\n manually. It is not required by Jira, nor is it executed by default, nor does Atlassian provide any\n documentation on using Chainsaw with Jira. Atlassian has [remediated this vulnerability by removing\n Chainsaw|https://bitbucket.org/atlassian/log4j1/commits/3a06f7e94efa98331a875532212a3005fd9766d0] from the\n Atlassian version of {{{}log4j{}}}. [CVE-2022-23302|https://www.cve.org/CVERecord?id=CVE-2022-23302]\n JMSSink is vulnerable to a deserialization flaw. A local attacker with privileges to update the Jira\n configuration can exploit this to execute arbitrary code. Jira is not configured to use JMSSink by\n default, nor does Atlassian provide any documentation on using JMSSink with Jira. Atlassian has\n [remediated this vulnerability by removing\n JMSSink|https://bitbucket.org/atlassian/log4j1/commits/48b34334e5278dfd52b361b1ec6943ca4c3b997e] from the\n Atlassian version of {{{}log4j{}}}. [CVE-2022-23305|https://www.cve.org/CVERecord?id=CVE-2022-23305]\n JDBCAppender is vulnerable to a SQL injection flaw when configured to use the message converter\n ({{{}%m{}}}). A remote, unauthenticated attacker can exploit this to execute arbitrary SQL queries. Jira\n is not configured to use JDBCAppender by default, nor does Atlassian provide any documentation on using\n JDBCAppender with Jira. Atlassian has [remediated this vulnerability by removing\n JDBCAppender|https://bitbucket.org/atlassian/log4j1/commits/b933fe460d64ccfc027b4efee74a5ce1875fe3be] from\n the Atlassian version of {{{}log4j{}}}. Affected versions of Jira: * Versions < 8.13.21 * All versions\n 8.14.x through 8.19.x * Versions 8.21.x * Versions 8.22.x < 8.22.3 Fixed versions of Jira: * Versions\n 8.13.x >= 8.13.21 * Versions 8.20.x >= 8.20.9 * Versions 8.22.x >= 8.22.3 * Versions >= 9.0.0 (atlassian-\n JRASERVER-73885)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.atlassian.com/browse/JRASERVER-73885\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Atlassian Jira version 8.13.21, 8.20.9, 8.22.3, 9.0.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9493\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:atlassian:jira\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jira_detect.nasl\", \"atlassian_jira_win_installed.nbin\", \"atlassian_jira_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Atlassian JIRA\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nvar app_info = vcf::combined_get_app_info(app:'Atlassian JIRA');\n\nvar constraints = [\n { 'min_version' : '8.13.20', 'fixed_version' : '8.13.21' },\n { 'min_version' : '8.20.8', 'fixed_version' : '8.20.9' },\n { 'min_version' : '8.22.2', 'fixed_version' : '8.22.3', 'fixed_display' : '8.22.3 / 9.0.0' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING,\n flags:{'sqli':TRUE}\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:46:23", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14881-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-27T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : log4j (SUSE-SU-2022:14881-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:log4j", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2022-14881-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157154", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:14881-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157154);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:14881-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : log4j (SUSE-SU-2022:14881-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:14881-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23307\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010085.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1b1b24b5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'log4j-1.2.15-26.32.20.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:01", "description": "The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0442 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-08T00:00:00", "type": "nessus", "title": "CentOS 7 : log4j (CESA-2022:0442)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:log4j", "p-cpe:/a:centos:centos:log4j-javadoc", "p-cpe:/a:centos:centos:log4j-manual", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-0442.NASL", "href": "https://www.tenable.com/plugins/nessus/157452", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0442 and\n# CentOS Errata and Security Advisory 2022:0442 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157452);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"RHSA\", value:\"2022:0442\");\n\n script_name(english:\"CentOS 7 : log4j (CESA-2022:0442)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:0442 advisory.\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-February/073555.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8778fed\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/502.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j, log4j-javadoc and / or log4j-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'log4j-1.2.17-18.el7_4', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-javadoc / log4j-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:46:17", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0212-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-28T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : log4j (SUSE-SU-2022:0212-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:log4j", "p-cpe:/a:novell:suse_linux:log4j-manual", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0212-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157221", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0212-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157221);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0212-1\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : log4j (SUSE-SU-2022:0212-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0212-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23307\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010124.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d19f84f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j and / or log4j-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'log4j-manual-1.2.15-126.9.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'log4j-manual-1.2.15-126.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'log4j-1.2.15-126.9.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:02", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0447 advisory.\n\n - undertow: client side invocation timeout raised when calling over HTTP2 (CVE-2021-3859)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-08T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat Single Sign-On 7.5.1 security update on RHEL 7 (Important) (RHSA-2022:0447)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3859", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server"], "id": "REDHAT-RHSA-2022-0447.NASL", "href": "https://www.tenable.com/plugins/nessus/157418", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0447. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157418);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3859\",\n \"CVE-2021-4104\",\n \"CVE-2022-23302\",\n \"CVE-2022-23305\",\n \"CVE-2022-23307\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0447\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"RHEL 7 : Red Hat Single Sign-On 7.5.1 security update on RHEL 7 (Important) (RHSA-2022:0447)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0447 advisory.\n\n - undertow: client side invocation timeout raised when calling over HTTP2 (CVE-2021-3859)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n (CVE-2021-4104)\n\n - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\n - log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n - log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2010378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2031667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2041967\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 89, 214, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.2/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.2/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.2/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.5/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.5/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.5/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.6/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.6/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rh-sso/7.6/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-sso7-keycloak-15.0.4-1.redhat_00003.1.el7sso', 'release':'7', 'el_string':'el7sso', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-sso'},\n {'reference':'rh-sso7-keycloak-server-15.0.4-1.redhat_00003.1.el7sso', 'release':'7', 'el_string':'el7sso', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-sso'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-sso7-keycloak / rh-sso7-keycloak-server');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:36", "description": "The version of log4j installed on the remote host is prior to 1.2.17-18. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1750 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : log4j (ALAS-2022-1750)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:log4j", "p-cpe:/a:amazon:linux:log4j-javadoc", "p-cpe:/a:amazon:linux:log4j-manual", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1750.NASL", "href": "https://www.tenable.com/plugins/nessus/158210", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1750.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158210);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"ALAS\", value:\"2022-1750\");\n\n script_name(english:\"Amazon Linux 2 : log4j (ALAS-2022-1750)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of log4j installed on the remote host is prior to 1.2.17-18. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1750 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1750.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-23302.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-23305.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-23307.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update log4j' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'log4j-1.2.17-18.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j / log4j-javadoc / log4j-manual\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:25", "description": "According to the versions of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : log4j (EulerOS-SA-2022-1330)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:log4j", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1330.NASL", "href": "https://www.tenable.com/plugins/nessus/159087", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159087);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n\n script_name(english:\"EulerOS 2.0 SP5 : log4j (EulerOS-SA-2022-1330)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the log4j package installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1330\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a89eb7e0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"log4j-1.2.17-16.h4.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:46:40", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0214-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-28T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : log4j (SUSE-SU-2022:0214-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:log4j", "p-cpe:/a:novell:suse_linux:log4j-manual", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0214-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157214", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0214-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157214);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0214-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : log4j (SUSE-SU-2022:0214-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0214-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23307\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010127.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fdac1f29\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j and / or log4j-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'log4j-1.2.17-5.9.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'log4j-manual-1.2.17-5.9.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:34", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0442 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-16T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : log4j (ELSA-2022-0442)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:log4j", "p-cpe:/a:oracle:linux:log4j-javadoc", "p-cpe:/a:oracle:linux:log4j-manual"], "id": "ORACLELINUX_ELSA-2022-0442.NASL", "href": "https://www.tenable.com/plugins/nessus/158101", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0442.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158101);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n\n script_name(english:\"Oracle Linux 7 : log4j (ELSA-2022-0442)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-0442 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0442.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j, log4j-javadoc and / or log4j-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:log4j-manual\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'log4j-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-manual-1.2.17-18.el7_4', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-javadoc / log4j-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:40:07", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0226-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-29T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : log4j12 (openSUSE-SU-2022:0226-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9493", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:log4j12", "p-cpe:/a:novell:opensuse:log4j12-javadoc", "p-cpe:/a:novell:opensuse:log4j12-manual", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0226-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157232", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0226-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157232);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2022-23302\", \"CVE-2022-23305\", \"CVE-2022-23307\");\n\n script_name(english:\"openSUSE 15 Security Update : log4j12 (openSUSE-SU-2022:0226-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0226-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker\n has write access to the Log4j configuration or if the configuration references an LDAP service the\n attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing\n JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to\n CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which\n is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2\n as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the\n values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be\n included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or\n headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue\n only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized\n SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of\n life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the\n previous versions. (CVE-2022-23305)\n\n - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw\n V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. (CVE-2022-23307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194844\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/543MEJC5CUZO2UZUL4R43HGV5KUNNJ4U/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?12b25839\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23307\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j12, log4j12-javadoc and / or log4j12-manual packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23307\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j12-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j12-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'log4j12-1.2.17-4.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j12-javadoc-1.2.17-4.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j12-manual-1.2.17-4.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j12 / log4j12-javadoc / log4j12-manual');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:39:47", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0214-1 advisory.\n\n - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. (CVE-2022-23302)\n\n - By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allow