CB-K21/1264 Update 28
Risikostufe 5
Titel:Apache log4j: Schwachstelle ermöglicht CodeausführungDatum:30.03.2022Software:Apache log4j < 2.16.0, Amazon Linux 2, Apache Kafka, Apache Solr, Apache Struts, Atlassian Bamboo, Atlassian Confluence, Atlassian Crucible, Atlassian Fisheye, Atlassian Jira Software, Cisco Identity Services Engine (ISE), Cisco Integrated Management Controller, Cisco Nexus Dashboard, Cisco SD-WAN vManage, Cisco Unified Communications Manager (CUCM) Cloud, Cisco Unified Computing System (UCS) Director, Cisco Unified Contact Center Enterprise, Cisco Unified Intelligent Contact Manager (ICM), Cisco WebEx Cloud-Connected UC, Cisco WebEx Meetings Server, Debian Linux, F-Secure Policy Manager, IBM WebSphere Application Server, Open Source Elasticsearch, Open Source LogStash, Red Hat JBoss A-MQ, Red Hat JBoss Enterprise Application Platform, Red Hat OpenShift, Red Hat OpenStack, Red Hat Process Automation Manager, RSA SecurID Authentication Manager, SOS GmbH JobScheduler, Splunk Splunk Enterprise, Symantec Endpoint Protection Manager, VMware Carbon Black Cloud Workload, VMware Horizon, VMware Identity Manager, VMware NSX Data Center for vSphere, VMware vCenter Server, VMware vRealize Log Insight, VMware vRealize Operations, VMware vRealize Suite Lifecycle Manager, VMware Workspace One Access, VMware Workspace One Access Connector, VMware Tanzu Spring Boot, Cisco Emergency Responder (ER), Cisco Finesse, Cisco Firepower Dashboard, Cisco Unity Connection, Cisco Video Surveillance Operations Manager, Juniper Junos Space, Red Hat Enterprise Linux, Siemens SIMATIC WinCC < V7.4 SP1, Unify OpenScape UC Application < V10.3.10, IBM MQ 9.1, IBM MQ 9.2, IBM SPSS, QNAP NAS, Ubuntu Linux, Wibu-Systems CodeMeter, IBM DB2, IBM Security Guardium, IBM Spectrum Protect, SAP Software, SUSE Linux, Atlassian Bitbucket, Avaya Analytics, Avaya Aura Application Enablement Services, Avaya Aura Device Services, Avaya Aura Media Server, Avaya Aura Session Manager, Avaya Aura System Manager, Avaya Aura Web Gateway, Avaya Breeze Platform, Avaya Oceana, Avaya Session Border Controller, Cisco Network Services Orchestrator, Cisco Nexus Insights, Cisco Unified Computing System (UCS) Central Software, Cisco Unified Contact Center Express (UCCX), Cisco Unified Intelligence Center, Hitachi Storage, IBM InfoSphere Information Server, PaloAlto Networks PAN-OS, Siemens SPPA-T3000, TIBCO Managed File Transfer Server, TIBCO Spotfire, TIBCO Spotfire Statistics Services, Unify OpenScape Contact Center, Unify OpenScape Mediaserver, Unify OpenScape Voice, Citrix Systems Virtual Apps and Desktops, HCL Commerce, IBM Business Automation Workflow, IBM Spectrum Scale, IBM Tivoli Monitoring, Cisco Application Policy Infrastructure Controller, Cisco Unified Communications Manager (CUCM) Session Management Edition, NetApp ActiveIQ Unified Manager, NetApp Data ONTAP Tools for VMware vSphere, VMware Cloud Director Object Storage Extension, VMware Cloud Foundation, VMware SD-WAN by VeloCloud, VMware vRealize Operations Cloud Proxy, HCL Domino, IBM Informix, IBM Tivoli Netcool/OMNIbus, Dell Data Protection Advisor, EMC Avamar, EMC Data Domain, EMC Data Domain OS, IBM Operational Decision Manager, SmartBear SoapUI, IBM Rational Software Architect, Unify OpenScape 4000, Unify OpenScape Deployment Service (DLS), Unify OpenScape Xpert, ASC NEO, IBM Informix Dynamic ServerPlattform:Applicance, CISCO Appliance, Hardware Appliance, Juniper Appliance, Linux, Native Hypervisor, NetApp Appliance, Sonstiges, UNIX, WindowsAuswirkung:Ausführen beliebigen ProgrammcodesRemoteangriff:JaRisiko:sehr hochCVE Liste:CVE-2021-44228Bezug:
Beschreibung
Apache log4j ist ein Framework zum Loggen von Anwendungsmeldungen in Java.
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache log4j ausnutzen, um beliebigen Programmcode auszuführen.
Quellen:
- Red Hat Bugzilla - Bug 2030932 vom 2021-12-09
- GitHub Security Advisory GHSA-jfh8-c2jp-5v3q vom 2021-12-09
- GitHub: CVE-2021-44228 Remote Code Injection In Log4j vom 2021-12-10
- Apache log4j Security Advisory vom 2021-12-10
- Tweet von Deutsche Telekom CERT vom 2021-12-10
- CERT-EU Security Advisory 2021-067 vom 2021-12-10
- Elastic Security Announcement ESA-2021-31 vom 2021-12-13
- ExtremeNetworks Vulnerability Notice VN-2020-465 vom 2021-12-12
- VMware Security Advisory VMSA-2021-0028 vom 2021-12-11
- FortiGuard Labs PSIRT Advisory FG-IR-21-245 vom 2021-12-12
- Amazon Linux Security Advisory ALAS-2021-003 vom 2021-12-11
- IBM Security Bulletin 6525706 vom 2021-12-13
- Debian Security Advisory DLA-2842 vom 2021-12-12
- Cisco Security Advisory CISCO-SA-APACHE-LOG4J-QRUKNEBD vom 2021-12-10
- HCL Article KB0095493 vom 2021-12-13
- Symantec Security Advisory SYMSA19793 vom 2021-12-13
- Debian Security Advisory DSA-5020 vom 2021-12-12
- F-Secure Policy Manager Update vom 2021-12-12
- RSA SecurID Authentication Manager Update vom 2021-12-12
- Splunk Security Advisory vom 2021-12-12
- Red Hat Security Bulletin RHSB-2021-009 vom 2021-12-13
- Apache Kafka Mailing List vom 2021-12-12
- Apache Struts Security Advice vom 2021-12-12
- Oracle Security Alert
- Spring.io Blog
- SOS Job Scheduler Vulnerability Release
- SOS Job Scheduler Vulnerability Release
- SAS Statement Regarding Remote Code Execution Vulnerability (CVE-2021-44228)
- Sammlung betroffener Produkte auf GitHub (NLD Nationaal Cyber Security Centrum)
- Talos Intelligence Blog
- Github User "CronUp"
- Atlassian FAQ for CVE-2021-44228 vom 2021-12-12
- Siemens Security Advisory SSA-661247 vom 2021-12-13
- Unify Security Advisory Report OBSO-2112-01 vom 2021-12-13
- Juniper Security Advisory JSA11259 vom 2021-12-13
- Red Hat Security Advisory RHSA-2021:5094 vom 2021-12-14
- Ubuntu Security Notice USN-5192-1 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5140 vom 2021-12-15
- IBM Security Bulletin 6526174 vom 2021-12-15
- Red Hat Security Advisory RHSA-2021:5137 vom 2021-12-15
- Red Hat Security Advisory RHSA-2021:5138 vom 2021-12-15
- WIBU Security Advisory WIBU-211213-01 vom 2021-12-15
- IBM Security Bulletin 6526274 vom 2021-12-15
- IBM Security Bulletin 6526174 vom 2021-12-14
- IBM Security Bulletin 6526182 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5093 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5108 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5126 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5129 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5132 vom 2021-12-15
- Red Hat Security Advisory RHSA-2021:5127 vom 2021-12-14
- QNAP Security Advisory QSA-21-58 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5128 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5130 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5133 vom 2021-12-15
- IBM Security Bulletin 6526184 vom 2021-12-14
- Red Hat Security Advisory RHSA-2021:5134 vom 2021-12-15
- Apache log4j Security Advisory vom 2021-12-14
- IBM Security Bulletin 6527090 vom 2021-12-16
- IBM Security Bulletin 6527084 vom 2021-12-16
- IBM Security Bulletin 6527088 vom 2021-12-16
- IBM Security Bulletin 6526640 vom 2021-12-15
- Red Hat Security Advisory RHSA-2021:5148 vom 2021-12-16
- HCL Article KB0095516 vom 2021-12-16
- IBM Security Bulletin 6526490 vom 2021-12-16
- Ubuntu Security Notice USN-5197-1 vom 2021-12-15
- SUSE Security Update SUSE-SU-2021:4097-1 vom 2021-12-15
- Red Hat Security Advisory RHSA-2021:5106 vom 2021-12-16
- IBM Security Bulletin 6526462 vom 2021-12-16
- SUSE Security Update SUSE-SU-2021:4096-1 vom 2021-12-15
- SAP Support Center
- IBM Security Bulletin 6527080 vom 2021-12-16
- Amazon Linux Security Advisory ALAS-2021-1730 vom 2021-12-16
- IBM Security Bulletin 6527082 vom 2021-12-16
- Debian Security Advisory DSA-5022 vom 2021-12-16
- Red Hat Security Advisory RHSA-2021:5107 vom 2021-12-16
- Red Hat Security Advisory RHSA-2021:5141 vom 2021-12-16
- Red Hat Security Advisory RHSA-2021:5186 vom 2021-12-17
- Red Hat Security Advisory RHSA-2021:5183 vom 2021-12-17
- Red Hat Security Advisory RHSA-2021:5184 vom 2021-12-17
- Siemens Security Advisory SSA-714170 vom 2021-12-16
- IBM Security Bulletin 6527372 vom 2021-12-17
- Atlassian Security Advisory - Log4j
- IBM Security Bulletin 6527226 vom 2021-12-17
- IBM Security Bulletin 6527322 vom 2021-12-17
- IBM Security Bulletin 6527096 vom 2021-12-17
- Hitachi Vulnerability Information HITACHI-SEC-2021-147 vom 2021-12-17
- Palo Alto Networks Security Advisory PAN-184592 vom 2021-12-17
- Log4j Vulnerabilities Impact On Oracle E-Business Suite Analysis
- Tibco Apache Log4J Vulnerability Daily Update
- Avaya Product Security Apache Log4J Vulnerability vom 2021-12-17
- IBM Security Bulletin 6527260 vom 2021-12-20
- Amazon Linux Security Advisory ALAS-2021-1731 vom 2021-12-18
- Amazon Linux Security Advisory ALAS-2021-1553 vom 2021-12-18
- Amazon Linux Security Advisory ALASCORRETTO8-2021-001 vom 2021-12-20
- Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2021-001 vom 2021-12-20
- Citrix Security Advisory CTX335705 vom 2021-12-20
- IBM Security Bulletin 6527724 vom 2021-12-18
- IBM Security Bulletin 6527824 vom 2021-12-17
- IBM Security Bulletin 6527824 vom 2021-12-18
- IBM Security Bulletin 6527824 vom 2021-12-19
- IBM Security Bulletin 6527894 vom 2021-12-18
- IBM Security Bulletin 6527874 vom 2021-12-18
- IBM Security Bulletin 6527828 vom 2021-12-17
- IBM Security Bulletin 6527894 vom 2021-12-19
- IBM Security Bulletin 6527836 vom 2021-12-18
- IBM Security Bulletin 6527836 vom 2021-12-19
- IBM Security Bulletin 6527962 vom 2021-12-18
- IBM Security Bulletin 6528108 vom 2021-12-18
- IBM Security Bulletin 6527762 vom 2021-12-18
- Amazon Linux Security Advisory ALAS-2021-004 vom 2021-12-18
- HCL Article KB0095587 vom 2021-12-17
- Ubuntu Security Notice USN-5192-2 vom 2021-12-17
- IBM Security Bulletin 6527768 vom 2021-12-18
- IBM Security Bulletin 6527924 vom 2021-12-17
- NetApp Security Advisory NTAP-20211215-0001 vom 2021-12-20
- IBM Security Bulletin 6528432 vom 2021-12-21
- NetApp Security Advisory NTAP-20211210-0007 vom 2021-12-20
- IBM Security Bulletin 6526420 vom 2021-12-22
- IBM Security Bulletin 6527764 vom 2021-12-22
- IBM Security Bulletin 6528846 vom 2021-12-22
- IBM Security Bulletin 6528678 vom 2021-12-22
- Incident Report for F-Secure services
- Apache Log4j 2 Release Notes
- Apache Log4j2 Advisory
- IBM Security Bulletin 6536868 vom 2021-12-23
- HCL Article KB0095728 vom 2021-12-22
- IBM Security Bulletin 6536712 vom 2021-12-23
- IBM Security Bulletin 6527948 vom 2021-12-23
- Amazon Linux Security Advisory ALAS-2021-1732 vom 2021-12-24
- Amazon Linux Security Advisory ALAS-2021-1554 vom 2021-12-24
- Hitachi Vulnerability Information HITACHI-SEC-2021-315 vom 2021-12-28
- EMC Security Advisory DSA-2021-274 vom 2022-01-09
- EMC Security Advisory DSA-2021-309 vom 2022-01-09
- EMC Security Advisory DSA-2021-277 vom 2022-01-09
- HPE Security Bulletin HPESBGN04215 rev.10 vom 2022-01-08
- IBM Security Bulletin 6539444 vom 2022-01-11
- SAP Security Note 3130521 vom 2022-01-11
- Red Hat Security Advisory RHSA-2022:0082 vom 2022-01-11
- JobScheduler Vulnerability Release 2.2.1 vom 2022-01-11
- Juniper Security Bulletin JSA11287 vom 2022-01-12
- SoapUI Release 5.6.1
- IBM Security Bulletin 6541008 vom 2022-01-15
- IBM Security Bulletin 6541258 vom 2022-01-18
- Unify Security Advisory Report OBSO-2201-01 vom 2022-01-18
- Red Hat Security Advisory RHSA-2022:0203 vom 2022-01-20
- Red Hat Security Advisory RHSA-2022:0216 vom 2022-01-20
- Red Hat Security Advisory RHSA-2022:0222 vom 2022-01-21
- Red Hat Security Advisory RHSA-2022:0205 vom 2022-01-20
- Red Hat Security Advisory RHSA-2022:0223 vom 2022-01-21
- LibreOffice Security Advisory
- Red Hat Security Advisory RHSA-2022:0296 vom 2022-01-26
- ASC NEO Release Announcement 6.7 vom 2022-01-24
- IBM Security Bulletin 6553622 vom 2022-02-04
- IBM Security Bulletin 6553626 vom 2022-02-04
- HCL Article KB0097299 vom 2022-03-23
- HCL Article KB0097470 vom 2022-03-25
- HCL Article KB0096807 vom 2022-03-29