CVE-2017-5645

Published: Apr 17, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

Vendor	Product	Versions
Apache Software Foundation	Apache Log4j	affected `All versions between 2.0-alpha1 and 2.8.1`

References

RHSA-2017:2888

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2809

vendor-advisory

x_refsource_REDHAT

97702

vdb-entry

x_refsource_BID

1041294

vdb-entry

x_refsource_SECTRACK

RHSA-2017:2810

vendor-advisory

x_refsource_REDHAT

RHSA-2017:1801

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2889

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2635

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2638

vendor-advisory

x_refsource_REDHAT

RHSA-2017:1417

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2423

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2808

vendor-advisory

x_refsource_REDHAT

1040200

vdb-entry

x_refsource_SECTRACK

RHSA-2017:2636

vendor-advisory

x_refsource_REDHAT

RHSA-2017:3399

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2637

vendor-advisory

x_refsource_REDHAT

RHSA-2017:3244

vendor-advisory

x_refsource_REDHAT

RHSA-2017:3400

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2633

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2811

vendor-advisory

x_refsource_REDHAT

RHSA-2017:1802

vendor-advisory

x_refsource_REDHAT

RHSA-2019:1545

vendor-advisory

x_refsource_REDHAT

[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities

mailing-list

x_refsource_MLIST

[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?

mailing-list

x_refsource_MLIST

[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer

mailing-list

x_refsource_MLIST

[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer

mailing-list

x_refsource_MLIST

[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer

mailing-list

x_refsource_MLIST

[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer

mailing-list

x_refsource_MLIST

[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]

mailing-list

x_refsource_MLIST

[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]

mailing-list

x_refsource_MLIST

[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]

mailing-list

x_refsource_MLIST

[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]

mailing-list

x_refsource_MLIST

[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]

mailing-list

x_refsource_MLIST

[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

x_refsource_CONFIRM

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

x_refsource_CONFIRM

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20181107-0002/

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20180726-0002/

x_refsource_CONFIRM

https://issues.apache.org/jira/browse/LOG4J2-1863

x_refsource_CONFIRM

[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image

mailing-list

x_refsource_MLIST

[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571

mailing-list

x_refsource_MLIST

[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujan2021.html

x_refsource_MISC

[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue

mailing-list

x_refsource_MLIST

[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuApr2021.html

x_refsource_MISC

[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645

mailing-list

x_refsource_MLIST

[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645

mailing-list

x_refsource_MLIST

[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645

mailing-list

x_refsource_MLIST

[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645

mailing-list

x_refsource_MLIST

[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujan2022.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-5645

Description

Affected Products

References