QID 376362

Date Published: 2022-01-24

QID 376362: Salesforce Data Loader Log4j Remote Code Execution (RCE) Vulnerability

Data Loader is a tool to export, import, update, or delete data in Salesforce. Many users with correct permissions use this tool on a daily basis. Versions of Data Loader (53.0.1 and below) that were downloaded and installed by users before December 20, 2021, may be affected by the Apache Log4j vulnerabilities

This vulnerability is officially known as CVE 2021-44228, or informally it is known as Log4Shell or LogJam. Log4Shell is a Remote Code Execution (RCE) class vulnerability

Affected Versions:
Data Loader Versions 53.0.1 and below

QID detection logic(Authenticated):
This QID checks for vulnerable versions of Data Loader

NOTE: QID will detect Data Loader versions only work if the data loader process running.

This allows hackers to input arbitrary code into an application and hackers can put their own code by adding a single string to the log, which gives them full control over the server.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Users are advised to download latest version, For more info kindly refer to CVE 2021-44228

    CVEs related to QID 376362

    Software Advisories
    Advisory ID Software Component Link
    CVE 2021-44228 URL Logo salesforcetime.com/2021/12/31/salesforce-data-loader-log4j-vulnerability/