{"api_version":"1","generated_at":"2026-04-22T19:06:19+00:00","cve":"CVE-2021-44832","urls":{"html":"https://cve.report/CVE-2021-44832","api":"https://cve.report/api/cve/CVE-2021-44832.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-44832","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832"},"summary":{"title":"CVE-2021-44832","description":"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.","state":"PUBLIC","assigner":"security@apache.org","published_at":"2021-12-28 20:15:00","updated_at":"2023-11-07 03:39:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf","refsource":"CONFIRM","tags":[],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html","name":"[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2870-1] apache-log4j2 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/","name":"FEDORA-2021-c6f471ce0f","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: log4j-2.17.1-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20220104-0001/","name":"https://security.netapp.com/advisory/ntap-20220104-0001/","refsource":"CONFIRM","tags":[],"title":"CVE-2021-44832 Apache Log4j Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","name":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - April 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/","name":"FEDORA-2021-c6f471ce0f","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: log4j-2.17.1-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/","name":"FEDORA-2021-1bd9151bab","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: log4j-2.17.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","name":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - January 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/","name":"FEDORA-2021-1bd9151bab","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: log4j-2.17.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","name":"20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021","refsource":"CISCO","tags":[],"title":"Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2021/12/28/1","name":"[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration","refsource":"MLIST","tags":[],"title":"oss-security - CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender\n when attacker controls configuration","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://issues.apache.org/jira/browse/LOG4J2-3293","name":"https://issues.apache.org/jira/browse/LOG4J2-3293","refsource":"MISC","tags":[],"title":"[LOG4J2-3293] JDBC Appender should use JNDI Manager and JNDI access should be limited. - ASF JIRA","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143","name":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143","refsource":"MISC","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","name":"N/A","refsource":"N/A","tags":[],"title":"Oracle Critical Patch Update Advisory - July 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-44832","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"beta7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"beta8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"beta9","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"log4j","cpe6":"2.0","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"cloudcenter","cpe6":"4.10.0.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_brm_-_elastic_charging_engine","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_brm_-_elastic_charging_engine","cpe6":"12.0.0.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"8.5.1.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_diameter_signaling_router","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_interactive_session_recorder","cpe6":"6.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_interactive_session_recorder","cpe6":"6.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_offline_mediation_controller","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_offline_mediation_controller","cpe6":"12.0.0.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"flexcube_private_banking","cpe6":"12.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"health_sciences_data_management_workbench","cpe6":"2.5.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"health_sciences_data_management_workbench","cpe6":"3.0.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"health_sciences_data_management_workbench","cpe6":"3.1.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"12.2.24","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"policy_automation","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"12.2.24","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"policy_automation_for_mobile_devices","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_gateway","cpe6":"21.12.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"17.12.11","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_gateway","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"18.8.13","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_gateway","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"19.12.12","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_gateway","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"20.12.7","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_gateway","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_p6_enterprise_project_portfolio_management","cpe6":"21.12.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"19.12.18.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_p6_enterprise_project_portfolio_management","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"20.12.12.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_p6_enterprise_project_portfolio_management","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_unifier","cpe6":"18.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_unifier","cpe6":"19.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_unifier","cpe6":"20.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"primavera_unifier","cpe6":"21.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"product_lifecycle_analytics","cpe6":"3.6.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_assortment_planning","cpe6":"16.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_fiscal_management","cpe6":"14.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker","cpe6":"18.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker","cpe6":"19.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_xstore_point_of_service","cpe6":"17.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_xstore_point_of_service","cpe6":"18.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_xstore_point_of_service","cpe6":"19.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_xstore_point_of_service","cpe6":"20.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_xstore_point_of_service","cpe6":"21.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"siebel_ui_framework","cpe6":"21.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"21.12","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"siebel_ui_framework","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"weblogic_server","cpe6":"12.2.1.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"weblogic_server","cpe6":"12.2.1.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"44832","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"weblogic_server","cpe6":"14.1.1.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-44832","qid":"178977","title":"Debian Security Update for apache-log4j2 (DLA 2870-1)"},{"cve":"CVE-2021-44832","qid":"180584","title":"Debian Security Update for apache-log4j2 (CVE-2021-44832)"},{"cve":"CVE-2021-44832","qid":"198626","title":"Ubuntu Security Notification for Apache Log4j 2 Vulnerabilities (USN-5222-1)"},{"cve":"CVE-2021-44832","qid":"20252","title":"IBM DB2 Security Update for Log4j (6528672,6549888)"},{"cve":"CVE-2021-44832","qid":"240209","title":"Red Hat Update for JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1296)"},{"cve":"CVE-2021-44832","qid":"240210","title":"Red Hat Update for JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1297)"},{"cve":"CVE-2021-44832","qid":"282215","title":"Fedora Security Update for log4j (FEDORA-2021-1bd9151bab)"},{"cve":"CVE-2021-44832","qid":"282216","title":"Fedora Security Update for log4j (FEDORA-2021-c6f471ce0f)"},{"cve":"CVE-2021-44832","qid":"353129","title":"Amazon Linux Security Advisory for aws-kinesis-agent : ALAS2-2022-1734"},{"cve":"CVE-2021-44832","qid":"354307","title":"Amazon Linux Security Advisory for log4j : ALAS2022-2022-011"},{"cve":"CVE-2021-44832","qid":"354369","title":"Amazon Linux Security Advisory for log4j : ALAS2022-2022-225"},{"cve":"CVE-2021-44832","qid":"354538","title":"Amazon Linux Security Advisory for log4j : ALAS-2022-225"},{"cve":"CVE-2021-44832","qid":"376209","title":"Apache Log4j Remote Code Execution (RCE) Vulnerability (CVE-2021-44832)"},{"cve":"CVE-2021-44832","qid":"376210","title":"Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell) Detected Based on Qualys Log4j scan Utility (CVE-2021-44832)"},{"cve":"CVE-2021-44832","qid":"376425","title":"Oracle Hypertext Transfer Protocol Server (HTTP Server) Multiple Vulnerabilities (Log4Shell) (Doc_ID_2817011.1)"},{"cve":"CVE-2021-44832","qid":"376473","title":"IBM Spectrum Control Multiple Vulnerabilities (6561029)"},{"cve":"CVE-2021-44832","qid":"376547","title":"Oracle PeopleSoft Enterprise PeopleTools Product Multiple Vulnerabilities (CPUAPR2022)"},{"cve":"CVE-2021-44832","qid":"691064","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for rundeck3 (27c822a0-addc-11ed-a9ee-dca632b19f10)"},{"cve":"CVE-2021-44832","qid":"730318","title":"Palo Alto Networks (PAN-OS) Log4j Multiple Vulnerabilities (PAN-184592) (Log4Shell)"},{"cve":"CVE-2021-44832","qid":"730362","title":"Neo4j Database Server Affected by Apache Log4j Security Vulnerability"},{"cve":"CVE-2021-44832","qid":"730371","title":"McAfee Web Gateway Multiple Vulnerabilities (WP-3335,WP-4131,WP-4159,WP-4237,WP-4259,WP-4329,WP-4348,WP-4355,WP-4376,WP-4407,WP-4421)"},{"cve":"CVE-2021-44832","qid":"751571","title":"OpenSUSE Security Update for log4j (openSUSE-SU-2021:4208-1)"},{"cve":"CVE-2021-44832","qid":"751576","title":"OpenSUSE Security Update for log4j (openSUSE-SU-2022:0002-1)"},{"cve":"CVE-2021-44832","qid":"87483","title":"Oracle WebLogic Server Multiple Vulnerabilities (Log4Shell) (Doc_ID_2817011.1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@apache.org","ID":"CVE-2021-44832","STATE":"PUBLIC","TITLE":"Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Apache Log4j2","version":{"version_data":[{"version_affected":"<","version_name":"log4j-core","version_value":"2.17.1"},{"version_affected":">=","version_name":"log4j-core","version_value":"2.13.0"},{"version_affected":"<","version_name":"log4j-core","version_value":"2.12.4"},{"version_affected":">=","version_name":"log4j-core","version_value":"2.4"},{"version_affected":"<","version_name":"log4j-core","version_value":"2.3.2"},{"version_affected":">=","version_name":"log4j-core","version_value":"2.0-beta7"}]}}]},"vendor_name":"Apache Software Foundation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":[{"other":"moderate"}],"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation"}]},{"description":[{"lang":"eng","value":"CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"}]}]},"references":{"reference_data":[{"refsource":"CISCO","name":"20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"},{"refsource":"MISC","url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143","name":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"},{"refsource":"MISC","url":"https://issues.apache.org/jira/browse/LOG4J2-3293","name":"https://issues.apache.org/jira/browse/LOG4J2-3293"},{"refsource":"MLIST","name":"[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration","url":"http://www.openwall.com/lists/oss-security/2021/12/28/1"},{"refsource":"MLIST","name":"[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"},{"refsource":"CONFIRM","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"},{"refsource":"FEDORA","name":"FEDORA-2021-c6f471ce0f","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"},{"refsource":"FEDORA","name":"FEDORA-2021-1bd9151bab","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20220104-0001/","url":"https://security.netapp.com/advisory/ntap-20220104-0001/"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujul2022.html"}]},"source":{"defect":["LOG4J2-3293",""],"discovery":"UNKNOWN"},"timeline":[{"lang":"eng","time":"2021-12-27","value":"reported"},{"lang":"eng","time":"2021-12-27","value":"patch proposed, 2.17.1-rc1"},{"lang":"eng","time":"2021-12-28","value":"fixed"},{"lang":"eng","time":"2021-12-28","value":"public"}]},"nvd":{"publishedDate":"2021-12-28 20:15:00","lastModifiedDate":"2023-11-07 03:39:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.6,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.7,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":8.5},"severity":"HIGH","exploitabilityScore":6.8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*","versionStartIncluding":"2.13.0","versionEndExcluding":"2.17.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4","versionEndExcluding":"2.12.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.1","versionEndExcluding":"2.3.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.12.0","versionEndIncluding":"17.12.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.0","versionEndIncluding":"20.12.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.0.0","versionEndIncluding":"20.12.12.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"19.12.0","versionEndIncluding":"19.12.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"18.8.0","versionEndIncluding":"18.8.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*","versionStartIncluding":"19.12.0","versionEndIncluding":"19.12.18.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.5.1.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.12.0","versionEndIncluding":"17.12.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.0","versionEndIncluding":"20.12.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*","versionEndIncluding":"21.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.0.0","versionEndIncluding":"20.12.12.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*","versionStartIncluding":"19.12.0.0","versionEndIncluding":"19.12.18.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"19.12.0","versionEndIncluding":"19.12.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"18.8.0","versionEndIncluding":"18.8.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0.0","versionEndIncluding":"8.5.1.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.0","versionEndIncluding":"12.2.24","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.0.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.0","versionEndIncluding":"12.2.24","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.0.4.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"44832","Ordinal":"222696","Title":"CVE-2021-44832","CVE":"CVE-2021-44832","Year":"2021"},"notes":[]}}}