PT-2017-4052 · Apache+2 · Apache Log4J+2

Published: 2017-04-17 · Updated: 2022-06-15 · CVE-2017-5645

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the vulnerable software and affected versions: Apache Log4j versions prior to 2.8.2

Description: The issue is caused by the deserialization of log events in Apache Log4j. When the TCP socket server or UDP socket server is used to receive serialized log events from another application, a remote attacker can send a specially crafted binary payload that executes arbitrary code when it is deserialized. No authentication is required, which is why the CVSS v2.0 score is the maximum 10.

Recommendations: For versions prior to 2.8.2, update to version 2.8.2 or later. As a temporary workaround, disable the TCP socket server and UDP socket server until the update has been applied, and restrict network access to the log event reception functionality to trusted sources only, to minimize the risk of exploitation.

Weakness Enumeration

Deserialization of Untrusted Data

Related identifiers

BDU:2021-01051
CESA-2017_2423
CVE-2017-5645
ELSA-2017-2423
ELSA-2022-9419
GHSA-FXPH-Q3J8-MV87
OPENSUSE-SU-2024:11026-1
RHSA-2017:1417
RHSA-2017:1801
RHSA-2017:2423
RHSA-2017:2635
RHSA-2017:2636
RHSA-2017:2637
RHSA-2017:2638
RHSA-2017:2808
RHSA-2017:2809
RHSA-2017:2811
RHSA-2017:3399
RHSA-2017_2423
RHSA-2022_5053

Affected products

Apache Log4J
CentOS
Red Hat