CVE-2021-45046

CVSS v3.1: 9 (Critical)
CVSS v2.0: 5.1 (Medium)
EPSS: 97.31% (100th percentile)
Affected Products: 61
Advisories: 18
NVD Status: Analyzed

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data, when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC), to craft malicious input data using a JNDI Lookup pattern, resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
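The description above names two conditions that must both hold for this path to be reachable: an affected Log4j 2 version and a Pattern Layout that renders Thread Context Map data. The following Python helper, added here as an illustration and not part of this record or of the Log4j project, encodes the version ranges from the CPE configuration below and the layout elements the description lists; the sample patterns and version strings are constructed for the demonstration.

```python
import re

# Affected version ranges as listed in the CPE configuration on this page
# (lower bound inclusive, upper bound exclusive) plus the explicitly listed 2.0 entries.
AFFECTED_RANGES = [("2.0.1", "2.12.2"), ("2.13.0", "2.16.0")]
AFFECTED_EXPLICIT = {"2.0", "2.0-beta9", "2.0-rc1", "2.0-rc2"}

# Pattern Layout elements named in the description: a Context Lookup (${ctx:...} or
# $${ctx:...}) and the Thread Context Map converters %X, %mdc and %MDC (case-sensitive;
# %x is the unrelated NDC converter and %msg/%m are message converters).
CTX_LOOKUP = re.compile(r"\$\$?\{ctx:")
MDC_CONVERTER = re.compile(r"%(?:X|mdc|MDC)(?![A-Za-z])")

# Constructed sample layouts: one without context-map data, two that render it.
PLAIN_PATTERN = "%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"
MDC_PATTERN = "%d [%t] %X{loginId} %-5p %c - %m%n"
LOOKUP_PATTERN = "%d %-5p $${ctx:loginId} - %m%n"


def parse_version(version):
    """Turn '2.12.1' into (2, 12, 1); shorter strings are padded so 2.16 == 2.16.0."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def version_affected(version):
    """True if the version falls in an affected range or is an explicitly listed entry."""
    if version in AFFECTED_EXPLICIT:
        return True
    # Any other qualifier (e.g. '-SNAPSHOT') is judged by its numeric part (assumption).
    v = parse_version(version.split("-")[0])
    return any(parse_version(lo) <= v < parse_version(hi) for lo, hi in AFFECTED_RANGES)


def layout_uses_context_data(pattern):
    """True if the PatternLayout string renders Thread Context Map (MDC) data."""
    return bool(CTX_LOOKUP.search(pattern) or MDC_CONVERTER.search(pattern))


def assess(version, pattern):
    """Classify a deployment: 'fixed', 'affected-version' (upgrade still required,
    but this layout does not render MDC data) or 'exposed' (both conditions hold)."""
    if not version_affected(version):
        return "fixed"
    if not layout_uses_context_data(pattern):
        return "affected-version"
    return "exposed"


if __name__ == "__main__":
    for ver, pat in [("2.15.0", MDC_PATTERN), ("2.15.0", PLAIN_PATTERN), ("2.16.0", MDC_PATTERN)]:
        print(ver, "->", assess(ver, pat))
```

An "affected-version" result is not a clean bill of health: the description fixes the issue by upgrading to 2.16.0 or 2.12.2, and layout inspection only tells you whether this particular path is currently reachable.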

Weaknesses: CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Related CVEs
CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: Apache Software Foundation
Published Date: 2021-12-14 19:15:07
Updated Date: 2024-06-27 19:24:09
Apache Log4j2 Deserialization of Untrusted Data Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description: Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
Required Action: Apply updates per vendor instructions.
Known to be Used in Ransomware Campaigns: Known
Notes: https://logging.apache.org/log4j/2.x/security.html; https://nvd.nist.gov/vuln/detail/CVE-2021-45046
Vendor: Apache
Product: Log4j2
In CISA Catalog from: 2023-05-01
Due Date: 2023-05-22

Affected Products


Configuration #1

    CPE23 From Up To
  Apache Log4j from 2.0.1 version and prior 2.12.2 version cpe:2.3:a:apache:log4j >= 2.0.1 < 2.12.2
  Apache Log4j from 2.13.0 version and prior 2.16.0 version cpe:2.3:a:apache:log4j >= 2.13.0 < 2.16.0
  Apache Log4j 2.0 cpe:2.3:a:apache:log4j:2.0:-
  Apache Log4j 2.0 Beta9 cpe:2.3:a:apache:log4j:2.0:beta9
  Apache Log4j 2.0 Rc1 cpe:2.3:a:apache:log4j:2.0:rc1
  Apache Log4j 2.0 Rc2 cpe:2.3:a:apache:log4j:2.0:rc2

Configuration #2

    CPE23 From Up To
  Intel Audio Development Kit cpe:2.3:a:intel:audio_development_kit:-
  Intel Computer Vision Annotation Tool cpe:2.3:a:intel:computer_vision_annotation_tool:-
  Intel Datacenter Manager cpe:2.3:a:intel:datacenter_manager:-
  Intel Genomics Kernel Library cpe:2.3:a:intel:genomics_kernel_library:-
  Intel Oneapi for Eclipse cpe:2.3:a:intel:oneapi:-:*:*:*:*:eclipse
  Intel Secure Device Onboard cpe:2.3:a:intel:secure_device_onboard:-
  Intel Sensor Solution Firmware Development Kit cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-
  Intel System Debugger cpe:2.3:a:intel:system_debugger:-
  Intel System Studio cpe:2.3:a:intel:system_studio:-

Configuration #3

AND
    CPE23 From Up To
OR  
  Siemens Sppa-t3000 Ses3000 Firmware cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware
OR  
  Running on/with
  Siemens Sppa-t3000 Ses3000 cpe:2.3:h:siemens:sppa-t3000_ses3000:-

Configuration #4

    CPE23 From Up To
  Siemens Captial prior 2019.1 version cpe:2.3:a:siemens:captial < 2019.1
  Siemens Captial 2019.1 cpe:2.3:a:siemens:captial:2019.1:-
  Siemens Captial 2019.1 SP1912 cpe:2.3:a:siemens:captial:2019.1:sp1912
  Siemens Comos cpe:2.3:a:siemens:comos
  Siemens Desigo Cc Advanced Reports 4.0 cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0
  Siemens Desigo Cc Advanced Reports 4.1 cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1
  Siemens Desigo Cc Advanced Reports 4.2 cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2
  Siemens Desigo Cc Advanced Reports 5.0 cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0
  Siemens Desigo Cc Advanced Reports 5.1 cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1
  Siemens Desigo Cc Info Center 5.0 cpe:2.3:a:siemens:desigo_cc_info_center:5.0
  Siemens Desigo Cc Info Center 5.1 cpe:2.3:a:siemens:desigo_cc_info_center:5.1
  Siemens E-car Operation Center prior 2021-12-13 version cpe:2.3:a:siemens:e-car_operation_center < 2021-12-13
  Siemens Energy Engage 3.1 cpe:2.3:a:siemens:energy_engage:3.1
  Siemens Energyip 8.5 cpe:2.3:a:siemens:energyip:8.5
  Siemens Energyip 8.6 cpe:2.3:a:siemens:energyip:8.6
  Siemens Energyip 8.7 cpe:2.3:a:siemens:energyip:8.7
  Siemens Energyip 9.0 cpe:2.3:a:siemens:energyip:9.0
  Siemens Energyip Prepay 3.7 cpe:2.3:a:siemens:energyip_prepay:3.7
  Siemens Energyip Prepay 3.8 cpe:2.3:a:siemens:energyip_prepay:3.8
  Siemens Gma-manager prior 8.6.2j-398 version cpe:2.3:a:siemens:gma-manager < 8.6.2j-398
  Siemens Head-end System Universal Device Integration System cpe:2.3:a:siemens:head-end_system_universal_device_integration_system
  Siemens Industrial Edge Management cpe:2.3:a:siemens:industrial_edge_management
  Siemens Industrial Edge Management Hub prior 2021-12-13 version cpe:2.3:a:siemens:industrial_edge_management_hub < 2021-12-13
  Siemens Logo! Soft Comfort cpe:2.3:a:siemens:logo\%21_soft_comfort
  Siemens Mendix cpe:2.3:a:siemens:mendix
  Siemens Mindsphere prior 2021-12-11 version cpe:2.3:a:siemens:mindsphere < 2021-12-11
  Siemens Navigator prior 2021-12-13 version cpe:2.3:a:siemens:navigator < 2021-12-13
  Siemens Nx cpe:2.3:a:siemens:nx
  Siemens Opcenter Intelligence 3.2 and prior versions cpe:2.3:a:siemens:opcenter_intelligence <= 3.2
  Siemens Operation Scheduler 1.1.3 and prior versions cpe:2.3:a:siemens:operation_scheduler <= 1.1.3
  Siemens Sentron Powermanager 4.1 cpe:2.3:a:siemens:sentron_powermanager:4.1
  Siemens Sentron Powermanager 4.2 cpe:2.3:a:siemens:sentron_powermanager:4.2
  Siemens Siguard Dsa 4.2 cpe:2.3:a:siemens:siguard_dsa:4.2
  Siemens Siguard Dsa 4.3 cpe:2.3:a:siemens:siguard_dsa:4.3
  Siemens Siguard Dsa 4.4 cpe:2.3:a:siemens:siguard_dsa:4.4
  Siemens Sipass Integrated 2.80 cpe:2.3:a:siemens:sipass_integrated:2.80
  Siemens Sipass Integrated 2.85 cpe:2.3:a:siemens:sipass_integrated:2.85
  Siemens Siveillance Command 4.16.2.1 and prior versions cpe:2.3:a:siemens:siveillance_command <= 4.16.2.1
  Siemens Siveillance Control Pro cpe:2.3:a:siemens:siveillance_control_pro
  Siemens Siveillance Identity 1.5 cpe:2.3:a:siemens:siveillance_identity:1.5
  Siemens Siveillance Identity 1.6 cpe:2.3:a:siemens:siveillance_identity:1.6
  Siemens Siveillance Vantage cpe:2.3:a:siemens:siveillance_vantage
  Siemens Siveillance Viewpoint cpe:2.3:a:siemens:siveillance_viewpoint
  Siemens Solid Edge Cam Pro cpe:2.3:a:siemens:solid_edge_cam_pro
  Siemens Solid Edge Harness Design prior 2020 version cpe:2.3:a:siemens:solid_edge_harness_design < 2020
  Siemens Solid Edge Harness Design 2020 cpe:2.3:a:siemens:solid_edge_harness_design:2020
  Siemens Solid Edge Harness Design 2020 cpe:2.3:a:siemens:solid_edge_harness_design:2020:-
  Siemens Solid Edge Harness Design 2020 SP2002 cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002
  Siemens Spectrum Power 4 prior 4.70 version cpe:2.3:a:siemens:spectrum_power_4 < 4.70
  Siemens Spectrum Power 4 4.70 cpe:2.3:a:siemens:spectrum_power_4:4.70:-
  Siemens Spectrum Power 4 4.70 SP7 cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7
  Siemens Spectrum Power 4 4.70 SP8 cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8
  Siemens Spectrum Power 7 prior 2.30 version cpe:2.3:a:siemens:spectrum_power_7 < 2.30
  Siemens Spectrum Power 7 2.30 cpe:2.3:a:siemens:spectrum_power_7:2.30
  Siemens Spectrum Power 7 2.30 cpe:2.3:a:siemens:spectrum_power_7:2.30:-
  Siemens Spectrum Power 7 2.30 SP2 cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2
  Siemens Teamcenter cpe:2.3:a:siemens:teamcenter
  Siemens Tracealertserverplus cpe:2.3:a:siemens:tracealertserverplus
  Siemens Vesys prior 2019.1 version cpe:2.3:a:siemens:vesys < 2019.1
  Siemens Vesys 2019.1 cpe:2.3:a:siemens:vesys:2019.1
  Siemens Vesys 2019.1 cpe:2.3:a:siemens:vesys:2019.1:-
  Siemens Vesys 2019.1 SP1912 cpe:2.3:a:siemens:vesys:2019.1:sp1912
  Siemens Xpedition Enterprise cpe:2.3:a:siemens:xpedition_enterprise:-
  Siemens Xpedition Package Integrator cpe:2.3:a:siemens:xpedition_package_integrator:-

Configuration #5

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0
  Debian Linux 11.0 cpe:2.3:o:debian:debian_linux:11.0

Configuration #6

    CPE23 From Up To
  Sonicwall Email Security prior 10.0.12 version cpe:2.3:a:sonicwall:email_security < 10.0.12

Configuration #7

    CPE23 From Up To
  Fedoraproject Fedora 34 cpe:2.3:o:fedoraproject:fedora:34
  Fedoraproject Fedora 35 cpe:2.3:o:fedoraproject:fedora:35

Configuration #8

AND
    CPE23 From Up To
OR  
  Siemens 6bk1602-0aa12-0tp0 cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-
OR  
  Running on/with
  Siemens 6bk1602-0aa12-0tp0 Firmware prior 2.7.0 version cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware < 2.7.0

Configuration #9

AND
    CPE23 From Up To
OR  
  Siemens 6bk1602-0aa22-0tp0 cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-
OR  
  Running on/with
  Siemens 6bk1602-0aa22-0tp0 Firmware prior 2.7.0 version cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware < 2.7.0

Configuration #10

AND
    CPE23 From Up To
OR  
  Siemens 6bk1602-0aa32-0tp0 cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-
OR  
  Running on/with
  Siemens 6bk1602-0aa32-0tp0 Firmware prior 2.7.0 version cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware < 2.7.0

Configuration #11

AND
    CPE23 From Up To
OR  
  Siemens 6bk1602-0aa42-0tp0 cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-
OR  
  Running on/with
  Siemens 6bk1602-0aa42-0tp0 Firmware prior 2.7.0 version cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware < 2.7.0

Configuration #12

AND
    CPE23 From Up To
OR  
  Siemens 6bk1602-0aa52-0tp0 cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-
OR  
  Running on/with
  Siemens 6bk1602-0aa52-0tp0 Firmware prior 2.7.0 version cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware < 2.7.0