CVE-2021-45046
Summary
| CVE | CVE-2021-45046 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-14 19:15:00 UTC |
| Updated | 2023-10-26 07:15:00 UTC |
| Description | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data, when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC), to craft malicious input data using a JNDI Lookup pattern, resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default. |
Risk And Classification
EPSS: 0.944340000 probability, percentile 0.999850000 (date 2026-04-21)
CISA KEV: Listed on 2023-05-01; due 2023-05-22; ransomware use: Known
Problem Types: CWE-917
CISA Known Exploited Vulnerability
| Vendor | Apache |
|---|---|
| Product | Log4j2 |
| Name | Apache Log4j2 Deserialization of Untrusted Data Vulnerability |
| Required Action | Apply updates per vendor instructions. |
| Notes | https://logging.apache.org/log4j/2.x/security.html; https://nvd.nist.gov/vuln/detail/CVE-2021-45046 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Log4j | All | All | All | All |
| Application | Apache | Log4j | 2.0 | - | All | All |
| Application | Apache | Log4j | 2.0 | beta9 | All | All |
| Application | Apache | Log4j | 2.0 | rc1 | All | All |
| Application | Apache | Log4j | 2.0 | rc2 | All | All |
| Application | Apache | Log4j | All | All | All | All |
| Application | Arubanetworks | Silver Peak Orchestrator | - | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 11.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 34 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Application | Intel | Audio Development Kit | - | All | All | All |
| Application | Intel | Computer Vision Annotation Tool | - | All | All | All |
| Application | Intel | Datacenter Manager | - | All | All | All |
| Application | Intel | Genomics Kernel Library | - | All | All | All |
| Application | Intel | Oneapi | - | All | All | All |
| Application | Intel | Secure Device Onboard | - | All | All | All |
| Application | Intel | Sensor Solution Firmware Development Kit | - | All | All | All |
| Application | Intel | System Debugger | - | All | All | All |
| Application | Intel | System Studio | - | All | All | All |
| Application | Netapp | Brocade San Navigator | - | All | All | All |
| Application | Netapp | Cloud Insights Acquisition Unit | - | All | All | All |
| Application | Netapp | Cloud Manager | - | All | All | All |
| Application | Netapp | Cloud Secure Agent | - | All | All | All |
| Application | Netapp | Oncommand Insight | - | All | All | All |
| Application | Netapp | Ontap Tools | - | All | All | All |
| Application | Netapp | Snapcenter | - | All | All | All |
| Hardware | Siemens | 6bk1602-0aa12-0tp0 | - | All | All | All |
| Operating System | Siemens | 6bk1602-0aa12-0tp0 Firmware | All | All | All | All |
| Hardware | Siemens | 6bk1602-0aa22-0tp0 | - | All | All | All |
| Operating System | Siemens | 6bk1602-0aa22-0tp0 Firmware | All | All | All | All |
| Hardware | Siemens | 6bk1602-0aa32-0tp0 | - | All | All | All |
| Operating System | Siemens | 6bk1602-0aa32-0tp0 Firmware | All | All | All | All |
| Hardware | Siemens | 6bk1602-0aa42-0tp0 | - | All | All | All |
| Operating System | Siemens | 6bk1602-0aa42-0tp0 Firmware | All | All | All | All |
| Hardware | Siemens | 6bk1602-0aa52-0tp0 | - | All | All | All |
| Operating System | Siemens | 6bk1602-0aa52-0tp0 Firmware | All | All | All | All |
| Application | Siemens | Capital | - | All | All | All |
| Application | Siemens | Captial | All | All | All | All |
| Application | Siemens | Captial | 2019.1 | - | All | All |
| Application | Siemens | Captial | 2019.1 | sp1912 | All | All |
| Application | Siemens | Comos | All | All | All | All |
| Application | Siemens | Cosmos | - | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.0 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.1 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.2 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 5.0 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 5.1 | All | All | All |
| Application | Siemens | Desigo Cc Info Center | 5.0 | All | All | All |
| Application | Siemens | Desigo Cc Info Center | 5.1 | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | All | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | - | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | 4.0 | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | 4.1 | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | 4.2 | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | 5.0 | All | All | All |
| Application | Siemens | Desigo Consumption Control Advanced Reporting | 5.1 | All | All | All |
| Application | Siemens | Desigo Consumption Control Info Center | 5.0 | All | All | All |
| Application | Siemens | Desigo Consumption Control Info Center | 5.1 | All | All | All |
| Operating System | Siemens | Dynamic Security Assessment | 4.2 | All | All | All |
| Operating System | Siemens | Dynamic Security Assessment | 4.3 | All | All | All |
| Operating System | Siemens | Dynamic Security Assessment | 4.4 | All | All | All |
| Application | Siemens | E-car Operating Center | All | All | All | All |
| Application | Siemens | E-car Operation Center | All | All | All | All |
| Application | Siemens | Energyip | 8.5 | All | All | All |
| Application | Siemens | Energyip | 8.6 | All | All | All |
| Application | Siemens | Energyip | 8.7 | All | All | All |
| Application | Siemens | Energyip | 9.0 | All | All | All |
| Application | Siemens | Energyip Prepay | 3.7 | All | All | All |
| Application | Siemens | Energyip Prepay | 3.8 | All | All | All |
| Application | Siemens | Energy Engage | 3.1 | All | All | All |
| Application | Siemens | Gma-manager | All | All | All | All |
| Application | Siemens | Head-end System Universal Device Integration System | All | All | All | All |
| Application | Siemens | Head-end System Universal Device Integration System | - | All | All | All |
| Application | Siemens | Industrial Edge Management | All | All | All | All |
| Application | Siemens | Industrial Edge Management | - | All | All | All |
| Operating System | Siemens | Industrial Edge Management | - | All | All | All |
| Application | Siemens | Industrial Edge Management Hub | All | All | All | All |
| Operating System | Siemens | Industrial Edge Manangement Hub | - | All | All | All |
| Application | Siemens | Logo! Soft Comfort | All | All | All | All |
| Operating System | Siemens | Logo! Soft Comfort | - | All | All | All |
| Application | Siemens | Mendix | All | All | All | All |
| Operating System | Siemens | Mendix | - | All | All | All |
| Application | Siemens | Mindsphere | All | All | All | All |
| Operating System | Siemens | Mindsphere | All | All | All | All |
| Application | Siemens | Navigator | All | All | All | All |
| Application | Siemens | Nx | All | All | All | All |
| Operating System | Siemens | Nx | - | All | All | All |
| Operating System | Siemens | Opcenter Intelligence | All | All | All | All |
| Application | Siemens | Opcenter Intelligence | All | All | All | All |
| Operating System | Siemens | Operation Scheduler | All | All | All | All |
| Application | Siemens | Operation Scheduler | All | All | All | All |
| Application | Siemens | Sentron Powermanager | 4.1 | All | All | All |
| Application | Siemens | Sentron Powermanager | 4.2 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.2 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.3 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.4 | All | All | All |
| Application | Siemens | Simatic Wincc | 7.4 | All | All | All |
| Application | Siemens | Sipass Integrated | 2.80 | All | All | All |
| Application | Siemens | Sipass Integrated | 2.85 | All | All | All |
| Application | Siemens | Siveillance Command | All | All | All | All |
| Application | Siemens | Siveillance Control | All | All | All | All |
| Application | Siemens | Siveillance Control Pro | All | All | All | All |
| Application | Siemens | Siveillance Identity | 1.5 | All | All | All |
| Application | Siemens | Siveillance Identity | 1.6 | All | All | All |
| Application | Siemens | Siveillance Vantage | All | All | All | All |
| Application | Siemens | Siveillance Vantage | - | All | All | All |
| Application | Siemens | Siveillance Viewpoint | All | All | All | All |
| Application | Siemens | Solid Edge Cam Pro | All | All | All | All |
| Application | Siemens | Solid Edge Harness Design | All | All | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | All | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | - | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | sp2002 | All | All |
| Application | Siemens | Solid Edge Wiring Harness Design | - | All | All | All |
| Application | Siemens | Spectrum Power 4 | All | All | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | - | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | sp7 | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | sp8 | All | All |
| Application | Siemens | Spectrum Power 7 | All | All | All | All |
| Application | Siemens | Spectrum Power 7 | - | All | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | All | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | - | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | sp2 | All | All |
| Hardware | Siemens | Sppa-t3000 Ses3000 | - | All | All | All |
| Operating System | Siemens | Sppa-t3000 Ses3000 Firmware | All | All | All | All |
| Application | Siemens | Teamcenter | All | All | All | All |
| Application | Siemens | Teamcenter Suite | - | All | All | All |
| Application | Siemens | Tracealertserverplus | All | All | All | All |
| Application | Siemens | Vesys | All | All | All | All |
| Application | Siemens | Vesys | - | All | All | All |
| Application | Siemens | Vesys | 2019.1 | All | All | All |
| Application | Siemens | Vesys | 2019.1 | - | All | All |
| Application | Siemens | Vesys | 2019.1 | sp1912 | All | All |
| Application | Siemens | Xpedition Enterprise | - | All | All | All |
| Application | Siemens | Xpedition Enterprise Data Management | All | All | All | All |
| Application | Siemens | Xpedition Package Integrator | - | All | All | All |
| Application | Siemens | Xpedition Package Integrator | All | All | All | All |
| Application | Sonicwall | Email Security | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf | CONFIRM | cert-portal.siemens.com | |
| Debian -- Security Information -- DSA-5022-1 apache-log4j2 | DEBIAN | www.debian.org | |
| Security Advisory | CONFIRM | psirt.global.sonicwall.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf | CONFIRM | cert-portal.siemens.com | |
| oss-security - CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| cve-website | MISC | www.cve.org | |
| Oracle Critical Patch Update Advisory - April 2022 | MISC | www.oracle.com | |
| oss-security - Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| Ubiquiti UniFi: remote code execution via bundled log4j (GLSA 202310-16) — Gentoo security | MISC | security.gentoo.org | |
| [SECURITY] Fedora 35 Update: log4j-2.17.0-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| Oracle Critical Patch Update Advisory - January 2022 | MISC | www.oracle.com | |
| [SECURITY] Fedora 34 Update: log4j-2.17.0-1.fc34 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021 | CISCO | tools.cisco.com | |
| oss-security - Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| INTEL-SA-00646 | CONFIRM | www.intel.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf | CONFIRM | cert-portal.siemens.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf | CONFIRM | cert-portal.siemens.com | |
| [SECURITY] Fedora 35 Update: log4j-2.17.0-1.fc35 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| oss-security - Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| Oracle Security Alert Advisory - CVE-2021-44228 | CONFIRM | www.oracle.com | |
| CVE-2021-45046 Apache Log4j Vulnerability in NetApp Products (NetApp Product Security) | CONFIRM | security.netapp.com | |
| Log4j – Apache Log4j Security Vulnerabilities | MISC | logging.apache.org | |
| [SECURITY] Fedora 34 Update: log4j-2.17.0-1.fc34 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| VU#930724 - Apache Log4j allows insecure JNDI lookups | CERT-VN | www.kb.cert.org | |
| Oracle Critical Patch Update Advisory - July 2022 | N/A | www.oracle.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 178942 Debian Security Update for apache-log4j2 (DSA 5022-1)
- 184929 Debian Security Update for apache-log4j2 (CVE-2021-45046)
- 198606 Ubuntu Security Notification for Apache Log4j 2 Vulnerability (USN-5197-1)
- 20252 IBM DB2 Security Update for Log4j (6528672,6549888)
- 216275 VMware vCenter Server 7.0 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 216276 VMware vCenter Server 6.7 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 216277 VMware vCenter Server 6.5 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 240209 Red Hat Update for JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1296)
- 240210 Red Hat Update for JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1297)
- 282198 Fedora Security Update for log4j (FEDORA-2021-5c9d12a93e) (Log4Shell)
- 282200 Fedora Security Update for log4j (FEDORA-2021-abbe24e41c) (Log4Shell)
- 317120 Cisco Unified Communications Manager (CUCM) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317121 Cisco Unified Communications Manager IM and Presence Service (formerly CUPS) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317123 Cisco UCS Central Software Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 353084 Amazon Linux Security Advisory for aws-kinesis-agent : ALAS2-2021-1730
- 353085 Amazon Linux Security Advisory for java-1.8.0-openjdk, java-1.7.0-openjdk, java-1.6.0-openjdk : ALAS-2021-1553
- 353086 Amazon Linux Security Advisory for java-11-openjdk : ALAS2JAVA-OPENJDK11-2021-001
- 353087 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2CORRETTO8-2021-001
- 353088 Amazon Linux Security Advisory for java-17-amazon-corretto, java-11-amazon-corretto, java-1.8.0-openjdk, java-1.7.0-openjdk : ALAS2-2021-1731
- 354369 Amazon Linux Security Advisory for log4j : ALAS2022-2022-225
- 354514 Amazon Linux Security Advisory for log4j : ALAS2022-2021-004
- 354538 Amazon Linux Security Advisory for log4j : ALAS-2022-225
- 376178 Apache Log4j Remote Code Execution (RCE) Vulnerability (CVE-2021-45046)
- 376183 VMware NSX-T Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 376184 VMware Identity Manager (vIDM) and Workspace ONE Access Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 376185 DataDog Agent Log4j Remote Code Execution (RCE) Vulnerability
- 376192 Elasticsearch Logstash Log4j Remote Code Execution (RCE) Vulnerability
- 376193 Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell) Detected Based on Qualys Log4j scan Utility (CVE-2021-45046)
- 376207 VMware Horizon Windows Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (VMSA-2021-0028) (Log4Shell)
- 376230 Dell EMC NetWorker Apache Log4j multiple Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 376231 Dell EMC NetWorker Server Apache Log4j multiple Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 376245 VMware Tanzu GemFire Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)
- 376261 VMware vRealize Orchestrator, VMware vRealize Automation and VMware vRealize Lifecycle Manager Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)
- 376267 Tableau Server and Desktop Multiple Vulnerabilities (Log4Shell)
- 376406 Adobe ColdFusion advisory for Apache Log4j Vulnerability (Log4Shell)
- 376415 IBM WebSphere Application Server Multiple Vulnerabilities (Log4Shell) (6526750)
- 376417 VMware Horizon Connection Server Apache Log4j Remote Code Execution (RCE) Vulnerabilities (VMSA-2021-0028) (Log4Shell)
- 376450 Symantec Endpoint Protection Manager (SEPM) Log4j Vulnerability (SYMSA19793)
- 376477 Autonomous Health Framework (AHF) Multiple Vulnerabilities (Log4Shell) (Doc ID 2828415.1)
- 590619 Siemens SENTRON Powermanager Apache Log4j Denial of Service (DoS) Vulnerability (SSA-661247) (Log4Shell)
- 590638 Schneider Electric EcoStruxure IT Gateway Apache Log4j Vulnerability (Log4Shell) (SESB-2021-347-01)
- 690752 Free Berkeley Software Distribution (FreeBSD) Security Update for graylog (650734b2-7665-4170-9a0a-eeced5e10a5e)
- 690757 Free Berkeley Software Distribution (FreeBSD) Security Update for opensearch (b0f49cb9-6736-11ec-9eea-589cfc007716) (Log4Shell)
- 710775 Gentoo Linux Ubiquiti UniFi Remote Code Execution (RCE) via bundled log4j Vulnerability (GLSA 202310-16)
- 730303 Apache Flink Emergency Release for Apache Log4j Vulnerability (Log4Shell)
- 730317 VMware Horizon Windows and Linux Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (Unauthenticated Check) (Log4Shell)
- 730318 Palo Alto Networks (PAN-OS) Log4j Multiple Vulnerabilities (PAN-184592) (Log4Shell)
- 730329 Dell EMC NetWorker Virtual Edition Multiple Apache Log4j Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 730331 Dell EMC NetWorker Virtual Edition multiple Apache Log4j Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 730362 Neo4j Database Server Affected by Apache Log4j Security Vulnerability
- 730367 Dell EMC SRM Remote Code Execution (RCE) Vulnerability (DSA-2021-301)
- 730371 McAfee Web Gateway Multiple Vulnerabilities (WP-3335,WP-4131,WP-4159,WP-4237,WP-4259,WP-4329,WP-4348,WP-4355,WP-4376,WP-4407,WP-4421)
- 751493 OpenSUSE Security Update for log4j (openSUSE-SU-2021:4107-1)
- 751536 OpenSUSE Security Update for log4j (openSUSE-SU-2021:1601-1) (Log4Shell)
- 87473 Cisco Nexus Dashboard Fabric Controller (Formerly DCNM) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)