RHSA-2022:0044
PUBLISHED
CVSS 5.9 MEDIUM
A flaw was found in the Apache Log4j logging library 2.x when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input that contains a recursive lookup and cause a denial of service.
Risk Scores
CVSS 3.1
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:d927a7bc1d652d75fa215cd9beceb1ccd6798acf85aeebd1e1c7d16c33f2dfa8_ppc64le as a component of OpenShift Logging 5.3 | *, *, * |
| Red Hat | openshift-logging/cluster-logging-operator-bundle@sha256:01a657ad4ab264e03ad1610dcadc81a51b748fdb1da0b0e46c654d143e2015a4_amd64 as a component of OpenShift Logging 5.3 | *, openshift-logging/cluster-logging-operator-bundle@sha256:01a657ad4ab264e03ad1610dcadc81a51b748fdb1da0b0e46c654d143e2015a4_amd64, * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:391edf452d53bbadd9bdde53f29d376bec925cca035a49e31c637fcc305b6ba7_amd64 as a component of OpenShift Logging 5.3 | *, *, * |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:af2150d0617141547ffb4b8bfcbf006150f84f3dabf0d4247cadfbfcb9dd95e7_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/fluentd-rhel8@sha256:af2150d0617141547ffb4b8bfcbf006150f84f3dabf0d4247cadfbfcb9dd95e7_ppc64le, *, * |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:3aa8b24cb2d0475ef7a9e58444efb47a175807b59120f52d879cb32a2ffe5d5e_amd64 as a component of OpenShift Logging 5.3 | *, *, * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:f4b36efa840b0d4bb4ac86732c1a4acfa41a062a41c0c2643b000ae450f9378d_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/log-file-metric-exporter-rhel8@sha256:f4b36efa840b0d4bb4ac86732c1a4acfa41a062a41c0c2643b000ae450f9378d_amd64, *, * |
| Apache | log4j-core | |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:a8941764c298bddf04667504279493809989b16b207cae9dd12251ccbe1a973e_s390x as a component of OpenShift Logging 5.3 | *, openshift-logging/kibana6-rhel8@sha256:a8941764c298bddf04667504279493809989b16b207cae9dd12251ccbe1a973e_s390x, * |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:65e25c2abd42d2646fbe26eeb6d8e9573c05b5655444d4c8bdd0c98ab514215d_ppc64le as a component of OpenShift Logging 5.3 | *, *, openshift-logging/elasticsearch-rhel8-operator@sha256:65e25c2abd42d2646fbe26eeb6d8e9573c05b5655444d4c8bdd0c98ab514215d_ppc64le |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:735715dc558536f3d7cbf5c803433398267b0b66d18cb2de6b160b6e96aeb2dc_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/kibana6-rhel8@sha256:735715dc558536f3d7cbf5c803433398267b0b66d18cb2de6b160b6e96aeb2dc_ppc64le, *, * |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:f634b1460d55a64b259607f09a18ca948bd6d5892cd84ac422bbb8c04f7d1821_s390x as a component of OpenShift Logging 5.3 | *, *, openshift-logging/elasticsearch-proxy-rhel8@sha256:f634b1460d55a64b259607f09a18ca948bd6d5892cd84ac422bbb8c04f7d1821_s390x |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:7d074118836ac50edfae7d5d086908515d42d0a34539620822ea845fa7c48523_amd64 as a component of OpenShift Logging 5.3 | *, openshift-logging/fluentd-rhel8@sha256:7d074118836ac50edfae7d5d086908515d42d0a34539620822ea845fa7c48523_amd64, * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:d96928202c725b5ff8c9626c2ee7ee41be398b5b8b9b9c1f79bee04ea6342149_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/log-file-metric-exporter-rhel8@sha256:d96928202c725b5ff8c9626c2ee7ee41be398b5b8b9b9c1f79bee04ea6342149_ppc64le, *, * |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:e21c35bb4968d1b1e90b9a53f09778d1a78017d7538a8857eea85a3a1a0be12b_ppc64le as a component of OpenShift Logging 5.3 | *, openshift-logging/logging-curator5-rhel8@sha256:e21c35bb4968d1b1e90b9a53f09778d1a78017d7538a8857eea85a3a1a0be12b_ppc64le, * |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:e060849bd17fc0cc9854f6fdaaed47f24f5d7c8ed3b89d4153cea07ff06f0d25_s390x as a component of OpenShift Logging 5.3 | *, *, * |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:d645f2d1e1d9a2b80dc1ee94ebfab49f8ec5491ebcd2d6a7c9cd97912132b3fb_ppc64le as a component of OpenShift Logging 5.3 | *, *, openshift-logging/elasticsearch-proxy-rhel8@sha256:d645f2d1e1d9a2b80dc1ee94ebfab49f8ec5491ebcd2d6a7c9cd97912132b3fb_ppc64le |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:9b60cec9c2b4261e2191b52f5b592e00a12858471f9490e4ccc15725d3ec2318_s390x as a component of OpenShift Logging 5.3 | openshift-logging/cluster-logging-rhel8-operator@sha256:9b60cec9c2b4261e2191b52f5b592e00a12858471f9490e4ccc15725d3ec2318_s390x, *, * |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:fd332245d026a70c22523a63486c344acb1c5eb96568e53aad11ca31693edfba_amd64 as a component of OpenShift Logging 5.3 | *, *, openshift-logging/logging-curator5-rhel8@sha256:fd332245d026a70c22523a63486c344acb1c5eb96568e53aad11ca31693edfba_amd64 |
| Red Hat | openshift-logging/eventrouter-rhel8@sha256:a00b1dfb84681bd5b33587eb21adea2fcfea882dd5a78523c85022f16986c367_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/eventrouter-rhel8@sha256:a00b1dfb84681bd5b33587eb21adea2fcfea882dd5a78523c85022f16986c367_amd64, *, * |
…and 11 more
Exploit Intelligence
- Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) (github-poc-repo)
- A vulnerable Spring Boot application that uses log4j and is vulnerable to CVE-2021-44228, CVE-2021-44832, CVE-2021-45046 and CVE-2021-45105 (github-poc-repo)
- Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint. (github-poc-repo)
- Discover and remediate Log4Shell vulnerability [CVE-2021-45105] (github-poc)
- dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1 (github-poc)
- dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v (github-poc)
- dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105 (github-poc)
- dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105 (github-poc)
- log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc (github-poc)
- Replicating CVE-2021-45105 (github-poc)
…and 6 more exploits
Timeline
- Jan 10, 2022 CVE Published
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 29, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:0044 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1958999 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2034067 issue
- https://issues.redhat.com/browse/LOG-1975 advisory
- https://issues.redhat.com/browse/LOG-2046 advisory
- https://issues.redhat.com/browse/LOG-2051 advisory
- https://issues.redhat.com/browse/LOG-2074 advisory
- https://issues.redhat.com/browse/LOG-2088 advisory
- https://issues.redhat.com/browse/LOG-2110 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0044.json advisory
- https://access.redhat.com/security/cve/CVE-2021-45105 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-45105 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-45105 advisory
- https://issues.apache.org/jira/browse/LOG4J2-3230 advisory
- https://logging.apache.org/log4j/2.x/security.html advisory
- https://www.openwall.com/lists/oss-security/2021/12/19/1 advisory