Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability

Bugtraq ID: 97702
Class: Input Validation Error
CVE: CVE-2017-5645
Remote: Yes
Local: No
Published: Apr 17 2017 12:00AM
Updated: Apr 26 2018 11:00AM
Credit: Marcio Almeida de Macedo of Red Team at Telstra.
Vulnerable: Redhat JBoss Web Server 3.1 for RHEL 7
Redhat JBoss Web Server 3.1 for RHEL 6
Redhat Enterprise Linux Workstation Optional 7
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 7
Redhat Enterprise Linux Server EUS 7.3
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux ComputeNode Optional 7
Redhat Enterprise Linux ComputeNode 7
Redhat Enterprise Linux Client Optional 7
Redhat Enterprise Linux 7 Client
Oracle Weblogic Server 10.3.6 0
Oracle Weblogic Server 12.2.1.3
Oracle Weblogic Server 12.2.1.2
Oracle Weblogic Server 12.1.3.0
Oracle WebCenter Portal 12.2.1.3.0
Oracle WebCenter Portal 12.2.1.2.0
Oracle Utilities Framework 4.3
Oracle Utilities Framework 4.2
Oracle Utilities Framework 2.2
Oracle Transportation Management 6.4.2
Oracle Transportation Management 6.4.1
Oracle Transportation Management 6.3.5
Oracle Transportation Management 6.3.4
Oracle Transportation Management 6.3.3
Oracle Transportation Management 6.3.2
Oracle Transportation Management 6.3.1
Oracle Transportation Management 6.2.11
Oracle Transportation Management 6.3.7
Oracle Transportation Management 6.3.6
Oracle Secure Global Desktop 5.3
Oracle Retail Xstore Point of Service 15.0.1
Oracle Retail Xstore Point of Service 7.1.6
Oracle Retail Xstore Point of Service 7.0.6
Oracle Retail Xstore Point of Service 6.0.11
Oracle Retail Workforce Management 1.64
Oracle Retail Workforce Management 1.60.7
Oracle Retail Store Inventory Management 16.0.1
Oracle Retail Store Inventory Management 15.0.2
Oracle Retail Store Inventory Management 14.1.3
Oracle Retail Store Inventory Management 14.0.4
Oracle Retail Store Inventory Management 13.2.9
Oracle Retail Store Inventory Management 13.1.9
Oracle Retail Store Inventory Management 13.0.7
Oracle Retail Store Inventory Management 12.0.12
Oracle Retail Returns Management 14.1.3
Oracle Retail Returns Management 14.0.4
Oracle Retail Returns Management 2.4.9
Oracle Retail Returns Management 2.3.8
Oracle Retail Price Management 16.0
Oracle Retail Price Management 15.0
Oracle Retail Price Management 14.1
Oracle Retail Price Management 14.0
Oracle Retail Price Management 13.2
Oracle Retail Price Management 13.1
Oracle Retail Price Management 13.0
Oracle Retail Price Management 12.0
Oracle Retail Point-of-Service 14.1.3
Oracle Retail Point-of-Service 14.0.4
Oracle Retail Order Management System 5.0
Oracle Retail Order Management System 4.7
Oracle Retail Order Management System 4.5
Oracle Retail Order Management System 4.0
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 16.0
Oracle Retail Order Broker 15.0
Oracle Retail Invoice Matching 16.0
Oracle Retail Invoice Matching 15.0
Oracle Retail Invoice Matching 14.1
Oracle Retail Invoice Matching 14.0
Oracle Retail Invoice Matching 13.2
Oracle Retail Invoice Matching 13.1
Oracle Retail Invoice Matching 13.0
Oracle Retail Invoice Matching 12.0
Oracle Retail Invoice Matching 11.0
Oracle Retail Invoice Matching 10.2
Oracle Retail Insights 16.0
Oracle Retail Insights 15.0
Oracle Retail Insights 14.1
Oracle Retail Insights 14.0
Oracle Retail Fiscal Management 14.1
Oracle Retail EFTLink 16.0.3
Oracle Retail EFTLink 15.0.2
Oracle Retail Customer Management and Segmentation Foundation 16.0
Oracle Retail Customer Management and Segmentation Foundation 15.0
Oracle Retail Customer Management and Segmentation Foundation 11.4
Oracle Retail Customer Management and Segmentation Foundation 10.8
Oracle Retail Convenience and Fuel POS 2.1.132
Oracle Retail Central Office 14.1.3
Oracle Retail Central Office 14.0.4
Oracle Retail Back Office 14.1.3
Oracle Retail Back Office 14.0.4
Oracle Retail Assortment Planning 16.0.1
Oracle Retail Assortment Planning 15.0.3
Oracle Retail Assortment Planning 14.1.3
Oracle Retail Advanced Inventory Planning 15.0
Oracle Retail Advanced Inventory Planning 14.1
Oracle Retail Advanced Inventory Planning 13.4
Oracle Retail Advanced Inventory Planning 13.2
Oracle PeopleSoft Enterprise FIN Supply Chain Portal Pack Brazil 9.1
Oracle PeopleSoft Enterprise FIN Supply Chain Portal Pack Argentina 9.1
Oracle MICROS Retail XBRi Loss Prevention 10.8.1
Oracle MICROS Retail XBRi Loss Prevention 10.8
Oracle MICROS Retail XBRi Loss Prevention 10.7
Oracle MICROS Retail XBRi Loss Prevention 10.6
Oracle MICROS Retail XBRi Loss Prevention 10.5
Oracle MICROS Retail XBRi Loss Prevention 10.0.1
Oracle MICROS Lucas 2.9.5
Oracle Managed File Transfer 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.2.0
Oracle Managed File Transfer 12.1.3.0.0
Oracle JD Edwards World Security A9.4
Oracle JD Edwards World Security A9.3
Oracle JD Edwards World Security A9.2
Oracle FLEXCUBE Private Banking 12.0
Oracle FLEXCUBE Private Banking 2.1
Oracle FLEXCUBE Core Banking 11.7
Oracle FLEXCUBE Core Banking 11.6
Oracle FLEXCUBE Core Banking 11.5
Oracle Enterprise Repository 12.1.3.0.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Linux 7
Oracle Endeca Server 7.7
Oracle Endeca Information Discovery Integrator 3.2
Oracle Endeca Information Discovery Integrator 3.1
Oracle Communications Unified Inventory Management 7.3
Oracle Communications Unified Inventory Management 7.1
Oracle Communications Unified Inventory Management 7.0
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 5.1
Oracle Communications Network Intelligence 7.3
Oracle Communications Network Charging and Control 6.0
Oracle Communications Convergent Charging Controller 6.0
Oracle Communications BRM - Elastic Charging Engine 7.5
Oracle Business Intelligence Data Warehouse Administration Console 11.1.1.6.4
Oracle Big Data Discovery 1.6
Oracle Autovue for Agile Product Lifecycle Management 21.0.1
Oracle Autovue for Agile Product Lifecycle Management 21.0
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 12.5.0.3
Oracle Agile PLM MCAD Connector 3.6
Oracle Agile PLM MCAD Connector 3.5
Oracle Agile PLM MCAD Connector 3.4
Oracle Agile PLM MCAD Connector 3.3
Oracle Agile PLM 9.3.5
Oracle Agile PLM 9.3.3
Oracle Agile PLM 9.3.6
Oracle Agile PLM 9.3.4
Oracle Agile Material and Equipment Management for Pharmaceuticals 9.3.4
Oracle Agile Material and Equipment Management for Pharmaceuticals 9.3.3
Oracle Agile Engineering Data Management 6.2.1
Oracle Agile Engineering Data Management 6.2
Oracle Agile Engineering Data Management 6.1.3
Apache Log4j 2.8.1
Apache Log4j 2.6.2
Apache Log4j 2.6.1
Apache Log4j 2.4.1
Apache Log4j 2.0.2
Apache Log4j 2.0.1
Apache Log4j 2.8
Apache Log4j 2.7
Apache Log4j 2.6
Apache Log4j 2.5
Apache Log4j 2.4
Apache Log4j 2.3
Apache Log4j 2.2
Apache Log4j 2.1
Apache Log4j 2.0-alpha1
Apache Log4j 2.0 RC2
Apache Log4j 2.0 RC1
Apache Log4j 2.0 beta9
Apache Log4j 2.0 beta8
Apache Log4j 2.0 beta7
Apache Log4j 2.0 beta6
Apache Log4j 2.0 beta5
Apache Log4j 2.0 Beta4
Apache Log4j 2.0 beta3
Apache Log4j 2.0 Beta2
Apache Log4j 2.0 Beta1
Apache Log4j 2.0 alpha2
Not Vulnerable: Apache Log4j 2.8.2


 

Privacy Statement
Copyright 2010, SecurityFocus