QID 376193

Date Published: 2021-12-17

QID 376193: Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell) Detected Based on Qualys Log4j scan Utility (CVE-2021-45046)

Apache Log4j is a Java-based logging utility. It is part of the Apache Logging Services, a project of the Apache Software Foundation.

CVE-2021-45046: A zero-day exploit affecting the popular Apache Log4j utility to Remote Code Execution.

Affected versions:
Log4j versions from 2.x prior to 2.12.2
Log4j versions 2.13.0 prior to and including 2.15.0

QID Detection: (Authenticated)
Operating System: Windows
This QID reads the file generated by Qualys utility Qualys Log4j Scan Utility for Windows
The QID reads 1st 100000 characters from the generated out put file.

QID Detection: (Authenticated)
Operating System: Linux
This QID reads the file generated by Qualys utility Qualys Log4j Scan Utility for Linux to find vulnerable instances of Log4j.

Successful exploitation of this vulnerability could lead to remote code execution (RCE) on the target.

  • CVSS V3 rated as Critical - 9 severity.
  • CVSS V2 rated as Medium - 5.1 severity.
    • Solution
    Apache recommends customers to upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later). Please refer to the mitigations mentioned here Log4j.
    Vendor References

    CVEs related to QID 376193

    CVE-2021-45046 |
    Software Advisories
    Advisory ID Software Component Link
    Apache Log4j URL Logo logging.apache.org/log4j/2.x/security.html
    By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].