PT-2024-17746 · Logback+2
7Asecurity · Published 2024-12-19 · Updated 2026-05-18
CVE-2024-12801
CVSS v4.0: 2.4 (Low)
Vector: AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:L/SC:H/SI:H/SA:H/V:D/U:Clear
Name of the Vulnerable Software and Affected Versions
logback versions 0.1 through 1.3.14
logback versions 1.4.0 through 1.5.12
Description
An attacker who can modify logback's XML configuration files can forge requests on behalf of the application: by altering the DOCTYPE declaration in a configuration file, the attacker makes the XML parser fetch an external resource when the configuration is loaded, resulting in Server-Side Request Forgery (SSRF).
Recommendations
For logback versions 0.1 through 1.3.14, update to a version outside of this range to mitigate the risk.
For logback versions 1.4.0 through 1.5.12, update to a version outside of this range to mitigate the risk.
As a temporary workaround, restrict write access to logback configuration files so that they cannot be modified by untrusted users.
Affected Products
Debian
Suse
Logback