Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability

Bugtraq ID: 97702
Class: Input Validation Error
CVE: CVE-2017-5645
Remote: Yes
Local: No
Published: Apr 17 2017 12:00AM
Updated: Aug 21 2017 03:11PM
Credit: Marcio Almeida de Macedo of Red Team at Telstra.
Vulnerable: Redhat JBoss Web Server 3.1 for RHEL 7
Redhat JBoss Web Server 3.1 for RHEL 6
Redhat Enterprise Linux Workstation Optional 7
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 7
Redhat Enterprise Linux Server EUS 7.3
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux ComputeNode Optional 7
Redhat Enterprise Linux ComputeNode 7
Redhat Enterprise Linux Client Optional 7
Redhat Enterprise Linux 7 Client
Oracle Enterprise Linux 7
Apache Log4j 2.8.1
Apache Log4j 2.6.2
Apache Log4j 2.6.1
Apache Log4j 2.4.1
Apache Log4j 2.0.2
Apache Log4j 2.0.1
Apache Log4j 2.8
Apache Log4j 2.7
Apache Log4j 2.6
Apache Log4j 2.5
Apache Log4j 2.4
Apache Log4j 2.3
Apache Log4j 2.2
Apache Log4j 2.1
Apache Log4j 2.0-alpha1
Apache Log4j 2.0 RC2
Apache Log4j 2.0 RC1
Apache Log4j 2.0 beta9
Apache Log4j 2.0 beta8
Apache Log4j 2.0 beta7
Apache Log4j 2.0 beta6
Apache Log4j 2.0 beta5
Apache Log4j 2.0 Beta4
Apache Log4j 2.0 beta3
Apache Log4j 2.0 Beta2
Apache Log4j 2.0 Beta1
Apache Log4j 2.0 alpha2
Not Vulnerable: Apache Log4j 2.8.2


 

Privacy Statement
Copyright 2010, SecurityFocus