Download
| Alert*
oval:org.secpod.oval:def:78649
The host is installed with Apache Log4j 2.0.x through 2.17.0 (excluding security releases 2.3.2 and 2.12.4) and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle an issue in the logging configuration file. Successful exploitation ... oval:org.secpod.oval:def:78162 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. oval:org.secpod.oval:def:78165 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. oval:org.secpod.oval:def:121394 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121393 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:77374 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. oval:org.secpod.oval:def:76620 The host is installed with Apache Log4j 2.0.x through 2.17.0 (excluding security releases 2.3.2 and 2.12.4) and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle an issue in the logging configuration file. Successful exploitation ... oval:org.secpod.oval:def:1700801 Apache Log4j2 versions 2.0-beta7 through 2.17.0 are vulnerable to a remote code execution attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remo ... oval:org.secpod.oval:def:706274 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. |