CVE-2020-9488

Published on: 04/27/2020 12:00:00 AM UTC

Last Modified on: 05/12/2022 03:00:00 PM UTC

CVE-2020-9488

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Certain versions of Log4j from Apache contain the following vulnerability:

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

  • CVE-2020-9488 has been assigned by URL Logo secu[email protected] to track the vulnerability - currently rated as LOW severity.
  • Affected Vendor/Software: URL Logo Apache - Apache Log4j version < 2.12.3
  • Affected Vendor/Software: URL Logo Apache - Apache Log4j version = 2.13.0

CVSS3 Score: 3.7 - LOW

Attack
Vector 		Attack
Complexity		 Privileges
Required		 User
Interaction
NETWORK HIGH NONE NONE
Scope Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
UNCHANGED LOW NONE NONE

CVSS2 Score: 4.3 - MEDIUM

Access
Vector		 Access
Complexity		 Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
[SECURITY] [DLA 2852-1] apache-log4j2 security update lists.debian.org
text/html
 URL Logo MLIST [debian-lts-announce] 20211226 [SECURITY] [DLA 2852-1] apache-log4j2 security update
Pony Mail! lists.apache.org
text/html
 URL Logo MLIST [kafka-users] 20210617 vulnerabilities
Debian -- Security Information -- DSA-5020-1 apache-log4j2 www.debian.org
Depreciated Link
text/html
 URL Logo DEBIAN DSA-5020
Pony Mail! Mailing List
Patch
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-commits] 20200504 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20210216 [jira] [Assigned] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-dev] 20201207 [jira] [Created] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20201207 [jira] [Work started] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-issues] 20200504 [jira] [Assigned] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20210216 [jira] [Resolved] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20201208 [jira] [Work logged] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Oracle Critical Patch Update Advisory - July 2020 Third Party Advisory
www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpujul2020.html
Oracle Critical Patch Update Advisory - April 2022 www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpuapr2022.html
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-issues] 20200504 [jira] [Commented] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MISC lists.apache.org/thread.html/re024d86dffa72ad800f2848d0c77ed93f0b78ee808350b477a6ed987@%3Cgitbox.hive.apache.org%3E
Oracle Critical Patch Update Advisory - October 2020 Third Party Advisory
www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpuoct2020.html
Pony Mail! Issue Tracking
Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20210125 [jira] [Work logged] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20210218 [jira] [Updated] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [kafka-dev] 20200514 [jira] [Created] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [kafka-jira] 20200514 [jira] [Created] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488
Oracle Critical Patch Update Advisory - October 2021 www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpuoct2021.html
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [kafka-jira] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20201208 [jira] [Updated] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-notifications] 20200504 [GitHub] [zookeeper] symat commented on pull request #1346: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-issues] 20200504 [jira] [Resolved] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-dev] 20200504 log4j SmtpAppender related CVE
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [db-torque-dev] 20200715 Build failed in Jenkins: Torque4-trunk #685
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [kafka-jira] 20200515 [jira] [Commented] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven-owasp #489
Pony Mail! lists.apache.org
text/html
 URL Logo MLIST [flink-issues] 20210510 [GitHub] [flink] zentol opened a new pull request #15879: [FLINK-22407][build] Bump log4j to 2.24.1
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20201207 [jira] [Updated] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [kafka-dev] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-issues] 20200504 [jira] [Updated] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20201207 [jira] [Assigned] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Patch
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-commits] 20200504 [zookeeper] branch master updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488
Pony Mail! Mailing List
Patch
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-commits] 20200504 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-dev] 20210216 [jira] [Created] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [hive-issues] 20210209 [jira] [Resolved] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-issues] 20200504 [jira] [Created] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
[LOG4J2-2819] Add support for specifying an SSL configuration for SmtpAppender - ASF JIRA Issue Tracking
Mitigation
Patch
Vendor Advisory
issues.apache.org
text/html
 URL Logo CONFIRM issues.apache.org/jira/browse/LOG4J2-2819
CVE-2020-9488 Apache Log4j Vulnerability in NetApp Products | NetApp Product Security Third Party Advisory
security.netapp.com
text/html
 URL Logo CONFIRM security.netapp.com/advisory/ntap-20200504-0003/
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MISC lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-notifications] 20200504 [GitHub] [zookeeper] symat opened a new pull request #1346: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [zookeeper-dev] 20200504 [jira] [Created] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488
Oracle Critical Patch Update Advisory - April 2021 www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - January 2021 Third Party Advisory
www.oracle.com
text/html
 URL Logo MISC www.oracle.com/security-alerts/cpujan2021.html
Pony Mail! Mailing List
Vendor Advisory
lists.apache.org
text/html
 URL Logo MLIST [db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?
By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

  • 178934 Debian Security Update for apache-log4j2 (DSA 5020-1)
  • 178956 Debian Security Update for apache-log4j2 (DLA 2852-1)
  • 20269 IBM DB2 Multiple Vulnerabilities (6466365)
  • 20288 Oracle Database 19c Critical OJVM Patch Update - October 2020
  • 20297 Oracle Database 18c Critical OJVM Patch Update - October 2020
  • 20313 Oracle Database 12.2.0.1 Critical OJVM Patch Update - October 2020
  • 982986 Java (maven) Security Update for org.apache.logging.log4j:log4j-core (GHSA-vwqq-5vrc-xw9h)

Exploit/POC from Github

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-20…

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationApacheLog4jAllAllAllAll
ApplicationApacheLog4jAllAllAllAll
Operating
System		DebianDebian Linux10.0AllAllAll
Operating
System		DebianDebian Linux11.0AllAllAll
Operating
System		DebianDebian Linux9.0AllAllAll
ApplicationOracleCommunications Application Session Controller3.9m0p1AllAllAll
ApplicationOracleCommunications Application Session Controller3.9m0p1AllAllAll
ApplicationOracleCommunications Billing And Revenue Management12.0.0.3.0AllAllAll
ApplicationOracleCommunications Billing And Revenue Management7.5.0.23.0AllAllAll
ApplicationOracleCommunications Billing And Revenue Management12.0.0.3.0AllAllAll
ApplicationOracleCommunications Billing And Revenue Management7.5.0.23.0AllAllAll
ApplicationOracleCommunications Eagle Ftp Table Base Retrieval4.5AllAllAll
ApplicationOracleCommunications Offline Mediation Controller12.0.0.3.0AllAllAll
ApplicationOracleCommunications Offline Mediation Controller12.0.0.3.0AllAllAll
ApplicationOracleCommunications Services Gatekeeper7.0AllAllAll
ApplicationOracleCommunications Services Gatekeeper7.0AllAllAll
ApplicationOracleCommunications Unified Inventory Management7.3.0AllAllAll
ApplicationOracleCommunications Unified Inventory Management7.4.0AllAllAll
ApplicationOracleCommunications Unified Inventory Management7.3.0AllAllAll
ApplicationOracleCommunications Unified Inventory Management7.4.0AllAllAll
ApplicationOracleData Integrator12.2.1.3.0AllAllAll
ApplicationOracleData Integrator12.2.1.4.0AllAllAll
ApplicationOracleData Integrator12.2.1.3.0AllAllAll
ApplicationOracleData Integrator12.2.1.4.0AllAllAll
ApplicationOracleEnterprise Manager For Peoplesoft13.4.1.1AllAllAll
ApplicationOracleEnterprise Manager For Peoplesoft13.4.1.1AllAllAll
ApplicationOracleFinancial Services Analytical Applications InfrastructureAllAllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.0.6AllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.1.0AllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.7.0AllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.0.6AllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.1.0AllAllAll
ApplicationOracleFinancial Services Institutional Performance Analytics8.7.0AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.0.6AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.0.8AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.1.0AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.0.6AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.0.8AllAllAll
ApplicationOracleFinancial Services Market Risk Measurement And Management8.1.0AllAllAll
ApplicationOracleFinancial Services Price Creation And Discovery8.0.6AllAllAll
ApplicationOracleFinancial Services Price Creation And Discovery8.0.7AllAllAll
ApplicationOracleFinancial Services Price Creation And Discovery8.0.6AllAllAll
ApplicationOracleFinancial Services Price Creation And Discovery8.0.7AllAllAll
ApplicationOracleFinancial Services Retail Customer Analytics8.0.6AllAllAll
ApplicationOracleFinancial Services Retail Customer Analytics8.0.6AllAllAll
ApplicationOracleFlexcube Core Banking5.2.0AllAllAll
ApplicationOracleFlexcube Core Banking5.2.0AllAllAll
ApplicationOracleFlexcube Core BankingAllAllAllAll
ApplicationOracleFlexcube Private Banking12.0.0AllAllAll
ApplicationOracleFlexcube Private Banking12.1.0AllAllAll
ApplicationOracleFlexcube Private Banking12.0.0AllAllAll
ApplicationOracleFlexcube Private Banking12.1.0AllAllAll
ApplicationOracleHealth Sciences Information Manager3.0.1AllAllAll
ApplicationOracleHealth Sciences Information Manager3.0.1AllAllAll
ApplicationOracleInsurance Insbridge Rating And Underwriting5.6.1.0AllAllAll
ApplicationOracleInsurance Insbridge Rating And Underwriting5.6.1.0AllAllAll
ApplicationOracleInsurance Insbridge Rating And UnderwritingAllAllAllAll
ApplicationOracleInsurance Policy Administration J2ee10.2.0.37AllAllAll
ApplicationOracleInsurance Policy Administration J2ee10.2.4.12AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.0.2.25AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.1.0.15AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.2.0.26AllAllAll
ApplicationOracleInsurance Policy Administration J2ee10.2.0.37AllAllAll
ApplicationOracleInsurance Policy Administration J2ee10.2.4.12AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.0.2.25AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.1.0.15AllAllAll
ApplicationOracleInsurance Policy Administration J2ee11.2.0.26AllAllAll
ApplicationOracleInsurance Rules Palette10.2.0.37AllAllAll
ApplicationOracleInsurance Rules Palette10.2.4.12AllAllAll
ApplicationOracleInsurance Rules Palette11.0.2.25AllAllAll
ApplicationOracleInsurance Rules Palette11.1.0.15AllAllAll
ApplicationOracleInsurance Rules Palette11.2.0.26AllAllAll
ApplicationOracleInsurance Rules Palette10.2.0.37AllAllAll
ApplicationOracleInsurance Rules Palette10.2.4.12AllAllAll
ApplicationOracleInsurance Rules Palette11.0.2.25AllAllAll
ApplicationOracleInsurance Rules Palette11.1.0.15AllAllAll
ApplicationOracleInsurance Rules Palette11.2.0.26AllAllAll
ApplicationOracleJd Edwards World Securitya9.4AllAllAll
ApplicationOracleOracle Goldengate Application Adapters19.1.0.0.0AllAllAll
ApplicationOracleOracle Goldengate Application Adapters19.1.0.0.0AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.56AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.57AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.58AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.56AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.57AllAllAll
ApplicationOraclePeoplesoft Enterprise Peopletools8.58AllAllAll
ApplicationOraclePolicy AutomationAllAllAllAll
ApplicationOraclePolicy Automation Connector For Siebel10.4.6AllAllAll
ApplicationOraclePolicy Automation Connector For Siebel10.4.6AllAllAll
ApplicationOraclePolicy Automation For Mobile DevicesAllAllAllAll
ApplicationOraclePrimavera Unifier18.8AllAllAll
ApplicationOraclePrimavera Unifier19.12AllAllAll
ApplicationOraclePrimavera Unifier18.8AllAllAll
ApplicationOraclePrimavera Unifier19.12AllAllAll
ApplicationOracleRetail Advanced Inventory Planning14.1AllAllAll
ApplicationOracleRetail Advanced Inventory Planning14.1AllAllAll
ApplicationOracleRetail Assortment Planning15.0.3.0AllAllAll
ApplicationOracleRetail Assortment Planning16.0.3.0AllAllAll
ApplicationOracleRetail Assortment Planning15.0.3.0AllAllAll
ApplicationOracleRetail Assortment Planning16.0.3.0AllAllAll
ApplicationOracleRetail Bulk Data Integration15.0.3.0AllAllAll
ApplicationOracleRetail Bulk Data Integration16.0.3.0AllAllAll
ApplicationOracleRetail Bulk Data Integration15.0.3.0AllAllAll
ApplicationOracleRetail Bulk Data Integration16.0.3.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation16.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation17.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation18.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation19.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation16.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation17.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation18.0AllAllAll
ApplicationOracleRetail Customer Management And Segmentation Foundation19.0AllAllAll
ApplicationOracleRetail Eftlink15.0.2AllAllAll
ApplicationOracleRetail Eftlink16.0.3AllAllAll
ApplicationOracleRetail Eftlink17.0.2AllAllAll
ApplicationOracleRetail Eftlink18.0.1AllAllAll
ApplicationOracleRetail Eftlink19.0.1AllAllAll
ApplicationOracleRetail Insights Cloud Service Suite19.0AllAllAll
ApplicationOracleRetail Integration Bus14.1AllAllAll
ApplicationOracleRetail Integration Bus15.0AllAllAll
ApplicationOracleRetail Integration Bus16.0AllAllAll
ApplicationOracleRetail Integration Bus14.1AllAllAll
ApplicationOracleRetail Integration Bus15.0AllAllAll
ApplicationOracleRetail Integration Bus16.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service16.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service18.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.1AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.2AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.3AllAllAll
ApplicationOracleRetail Order Broker Cloud Service16.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service18.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.0AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.1AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.2AllAllAll
ApplicationOracleRetail Order Broker Cloud Service19.3AllAllAll
ApplicationOracleRetail Predictive Application Server14.1.3.0AllAllAll
ApplicationOracleRetail Predictive Application Server15.0.3.0AllAllAll
ApplicationOracleRetail Predictive Application Server16.0.3.0AllAllAll
ApplicationOracleRetail Predictive Application Server14.1.3.0AllAllAll
ApplicationOracleRetail Predictive Application Server15.0.3.0AllAllAll
ApplicationOracleRetail Predictive Application Server16.0.3.0AllAllAll
ApplicationOracleRetail Xstore Point Of Service15.0.4AllAllAll
ApplicationOracleRetail Xstore Point Of Service16.0.6AllAllAll
ApplicationOracleRetail Xstore Point Of Service17.0.4AllAllAll
ApplicationOracleRetail Xstore Point Of Service18.0.3AllAllAll
ApplicationOracleRetail Xstore Point Of Service19.0.2AllAllAll
ApplicationOracleSiebel Apps - MarketingAllAllAllAll
ApplicationOracleSiebel Ui FrameworkAllAllAllAll
ApplicationOracleSpatial And Graph12.2.0.1AllAllAll
ApplicationOracleSpatial And Graph18cAllAllAll
ApplicationOracleSpatial And Graph19cAllAllAll
ApplicationOracleSpatial And Graph12.2.0.1AllAllAll
ApplicationOracleSpatial And Graph18cAllAllAll
ApplicationOracleSpatial And Graph19cAllAllAll
ApplicationOracleStoragetek Acsls8.5.1AllAllAll
ApplicationOracleStoragetek Tape Analytics Sw Tool2.3.1AllAllAll
ApplicationOracleStoragetek Tape Analytics Sw Tool2.3.1AllAllAll
ApplicationOracleUtilities Framework2.2.0.0.0AllAllAll
ApplicationOracleUtilities Framework4.2.0.2.0AllAllAll
ApplicationOracleUtilities Framework4.2.0.3.0AllAllAll
ApplicationOracleUtilities Framework4.4.0.0.0AllAllAll
ApplicationOracleUtilities Framework4.4.0.2.0AllAllAll
ApplicationOracleUtilities Framework2.2.0.0.0AllAllAll
ApplicationOracleUtilities Framework4.2.0.2.0AllAllAll
ApplicationOracleUtilities Framework4.2.0.3.0AllAllAll
ApplicationOracleUtilities Framework4.4.0.0.0AllAllAll
ApplicationOracleUtilities Framework4.4.0.2.0AllAllAll
ApplicationOracleUtilities FrameworkAllAllAllAll
ApplicationOracleWeblogic Server10.3.6.0.0AllAllAll
ApplicationOracleWeblogic Server10.3.6.0.0AllAllAll
ApplicationQosReload4jAllAllAllAll
  • cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.4.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.4.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0.37:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.0.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0.37:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.0.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:10.2.0.37:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:10.2.4.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.0.2.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.1.0.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.2.0.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:10.2.0.37:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:10.2.4.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.0.2.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.1.0.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:insurance_rules_palette:11.2.0.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:oracle_goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:oracle_goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_assortment_planning:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_assortment_planning:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_assortment_planning:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_assortment_planning:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_bulk_data_integration:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_bulk_data_integration:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_eftlink:15.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_eftlink:16.0.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_eftlink:18.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_insights_cloud_service_suite:19.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:14.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:14.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:16.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_order_broker_cloud_service:19.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:12.2.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:18c:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:19c:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:12.2.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:18c:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:spatial_and_graph:19c:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:qos:reload4j:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @yazicivo ? Log4j 2.15.0 has been released with many goodies logging.apache.org/log4j/2.x/chan… along with a fix for CVE-2020-9488 vulne… twitter.com/i/web/status/1… 2021-12-10 09:36:31
Twitter Icon @yazicivo You are affected by Log4j 2 JNDI lookup vulnerability CVE-2020-9488 if • you are using PatternLayout • without -Dlo… twitter.com/i/web/status/1… 2021-12-10 09:36:31
Twitter Icon @utkuozdemir @yazicivo Small correction here: I think the CVE you are talking about is CVE-2021-44228, not CVE-2020-9488. 2021-12-10 10:36:11
Twitter Icon @hatano CVE-2020-9488ってどうしてLog4j(V1.2)がSMTPSするときっていう話になっているんだろう。SSL/TLSはJava標準を使うんじゃないのかな。 2021-12-16 10:53:30
Twitter Icon @yamadamn とっくにEOLとなったLog4j 1.xに影響を与えるCVEを公開したとのこと。 CVE-2019-17571 CVE-2020-9488 CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 C… twitter.com/i/web/status/1… 2022-01-19 11:43:16
Twitter Icon @ipssignatures I know no IPS that has a protection/signature/rule for the vulnerability CVE-2020-9488. The vuln was published 631… twitter.com/i/web/status/1… 2022-01-19 14:04:02
Twitter Icon @ipssignatures The vuln CVE-2020-9488 has a tweet created 0 days ago and retweeted 20 times. twitter.com/yamadamn/statu… #Sjnmlkmsbbunra 2022-01-19 14:04:02
Twitter Icon @yamadamn @masanobuimai reload4j.qos.ch が更新されてて、1.2.18.1 でほぼ修正されそうですね。 repo1.maven.org/maven2/ch/qos/… 厳密には CVE-2020-9488 の… twitter.com/i/web/status/1… 2022-01-19 23:14:02
Twitter Icon @yamadamn Log4j 1.xのフォークであるreload4jで1.2.18.3もいつの間にか出てて、CVE-2020-9488 の SMTPAppender の問題も修正されたようです。 reload4j.qos.ch 2022-01-25 15:00:57
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report