CVE-2021-42550
CVSS v3.1
6.6 (Medium)
CVSS v2.0
8.5 (High)
EPSS
1.55 % (87th)
Affected Products
6
Advisories
3
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
Weaknesses
- CWE-502
- Deserialization of Untrusted Data
- CVE Status
- PUBLISHED
- CNA
- Switzerland Government Common Vulnerability Program
- Published Date
-
2021-12-16 19:15:08
(2 years ago) - Updated Date
-
2022-12-12 21:13:07
(21 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...