Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
References
Advertisement
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
|
Information
Published : 2021-12-18 04:15
Updated : 2022-10-06 10:31
NVD link : CVE-2021-45105
Mitre link : CVE-2021-45105
JSON object : View
Advertisement
Products Affected
oracle
- webcenter_sites
- communications_cloud_native_core_security_edge_protection_proxy
- communications_network_charging_and_control
- communications_session_report_manager
- payment_interface
- retail_back_office
- banking_deposits_and_lines_of_credit_servicing
- retail_returns_management
- retail_central_office
- communications_cloud_native_core_network_repository_function
- weblogic_server
- mysql_enterprise_monitor
- communications_cloud_native_core_network_function_cloud_native_environment
- retail_invoice_matching
- communications_element_manager
- enterprise_manager_base_platform
- communications_cloud_native_core_unified_data_repository
- insurance_insbridge_rating_and_underwriting
- retail_service_backbone
- taleo_platform
- retail_merchandising_system
- banking_payments
- retail_customer_insights
- communications_service_broker
- webcenter_portal
- banking_enterprise_default_management
- instantis_enterprisetrack
- flexcube_universal_banking
- hyperion_tax_provision
- hyperion_infrastructure_technology
- managed_file_transfer
- primavera_unifier
- retail_financial_integration
- communications_evolved_communications_application_server
- agile_plm_mcad_connector
- hyperion_bi\+
- enterprise_manager_ops_center
- management_cloud_engine
- communications_diameter_signaling_router
- communications_unified_inventory_management
- retail_predictive_application_server
- communications_convergent_charging_controller
- communications_cloud_native_core_console
- hospitality_suite8
- communications_eagle_element_management_system
- hospitality_token_proxy_service
- banking_treasury_management
- communications_interactive_session_recorder
- retail_point-of-service
- healthcare_master_person_index
- retail_order_management_system
- e-business_suite
- health_sciences_inform
- data_integrator
- communications_network_integrity
- business_intelligence
- autovue_for_agile_product_lifecycle_management
- communications_cloud_native_core_policy
- communications_session_route_manager
- primavera_p6_enterprise_project_portfolio_management
- retail_eftlink
- retail_order_broker
- healthcare_foundation
- health_sciences_information_manager
- retail_price_management
- banking_trade_finance
- health_sciences_empirica_signal
- communications_ip_service_activator
- financial_services_model_management_and_governance
- insurance_data_gateway
- communications_messaging_server
- banking_loans_servicing
- banking_platform
- communications_webrtc_session_controller
- identity_management_suite
- sql_developer
- banking_party_management
- retail_data_extractor_for_merchandising
- hyperion_planning
- hyperion_profitability_and_cost_management
- communications_pricing_design_center
- siebel_ui_framework
- retail_store_inventory_management
- retail_integration_bus
- peoplesoft_enterprise_peopletools
- communications_cloud_native_core_service_communication_proxy
- communications_asap
- financial_services_analytical_applications_infrastructure
- healthcare_data_repository
- hyperion_data_relationship_management
- communications_performance_intelligence_center
- agile_engineering_data_management
- communications_convergence
- jdeveloper
- communications_user_data_repository
- enterprise_manager_for_peoplesoft
- communications_cloud_native_core_network_slice_selection_function
- utilities_framework
- agile_plm
- identity_manager_connector
- communications_services_gatekeeper
- primavera_gateway
- communications_billing_and_revenue_management
- communications_eagle_ftp_table_base_retrieval
- healthcare_translational_research
debian
- debian_linux
sonicwall
- 6bk1602-0aa42-0tp0_firmware
- 6bk1602-0aa42-0tp0
- 6bk1602-0aa12-0tp0
- 6bk1602-0aa32-0tp0_firmware
- 6bk1602-0aa22-0tp0
- 6bk1602-0aa32-0tp0
- email_security
- network_security_manager
- 6bk1602-0aa22-0tp0_firmware
- web_application_firewall
- 6bk1602-0aa52-0tp0
- 6bk1602-0aa12-0tp0_firmware
- 6bk1602-0aa52-0tp0_firmware
netapp
- cloud_manager
apache
- log4j