CVE-2017-5645 : CVE-2017-5645

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2017-5645 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Apache Log4j 代码问题漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Apache Log4j是美国阿帕奇（Apache）基金会的一款基于Java的开源日志记录工具。 Apache Log4j 2.8.2之前的2.x版本中存在代码问题漏洞。攻击者可利用该漏洞执行任意代码。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
Apache Software Foundation	Apache Log4j	All versions between 2.0-alpha1 and 2.8.1	-

二、漏洞 CVE-2017-5645 的公开POC

#	POC 描述	源链接	神龙链接
1	CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization	https://github.com/pimps/CVE-2017-5645	POC详情
2	In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.	https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2017/CVE-2017-5645.yaml	POC详情
3	None	https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20Log4j%20Server%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2017-5645.md	POC详情
4		https://github.com/vulhub/vulhub/blob/master/log4j/CVE-2017-5645/README.md	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2017-5645 的情报信息

Please 登录 to view more intelligence information

🔗 https://issues.apache.org/jira/browse/LOG4J2-1863x_refsource_CONFIRM
🔗 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlx_refsource_MISC
🔗 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlx_refsource_CONFIRM
🔗 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlx_refsource_MISC
🔗 https://security.netapp.com/advisory/ntap-20180726-0002/x_refsource_CONFIRM
🔗 https://www.oracle.com/security-alerts/cpujul2020.htmlx_refsource_MISC
🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlx_refsource_CONFIRM
🔗 https://security.netapp.com/advisory/ntap-20181107-0002/x_refsource_CONFIRM
🔗 https://www.oracle.com/security-alerts/cpujan2020.htmlx_refsource_MISC
🔗 https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
🔗 https://www.oracle.com/security-alerts/cpuoct2020.htmlx_refsource_MISC
🔗 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlx_refsource_CONFIRM
🔗 https://www.oracle.com/security-alerts/cpuApr2021.htmlx_refsource_MISC
🔗 https://www.oracle.com/security-alerts/cpujan2022.htmlx_refsource_MISC
🔗 https://www.oracle.com/security-alerts/cpujan2021.htmlx_refsource_MISC
🔗 https://www.oracle.com/security-alerts/cpuapr2020.htmlx_refsource_MISC
🔗 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlx_refsource_CONFIRM
🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlx_refsource_CONFIRM
🔗 https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlx_refsource_MISC
🔗 http://www.securityfocus.com/bid/97702vdb-entryx_refsource_BID
🔗 http://www.securitytracker.com/id/1040200vdb-entryx_refsource_SECTRACK
🔗 http://www.securitytracker.com/id/1041294vdb-entryx_refsource_SECTRACK
🔗 https://access.redhat.com/errata/RHSA-2017:2889vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2633vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1801vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1417vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2635vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1802vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:3244vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2637vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2638vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:3400vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2809vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2810vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:3399vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2636vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2808vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2811vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2423vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:2888vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2019:1545vendor-advisoryx_refsource_REDHAT
🔗 https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer-Apache Mail Archivesmailing-listx_refsource_MLIST
🔗 http://www.openwall.com/lists/oss-security/2019/12/19/2mailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3Emailing-listx_refsource_MLIST
🔗 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571-Apache Mail Archivesmailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3Emailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3Emailing-listx_refsource_MLIST
🔗 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645-Apache Mail Archivesmailing-listx_refsource_MLIST
🔗 https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3Emailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2017-5645

四、漏洞 CVE-2017-5645 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2017-5645 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2017-5645 的公开POC

三、漏洞 CVE-2017-5645 的情报信息

四、漏洞 CVE-2017-5645 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2017-5645 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2017-5645 的公开POC

三、漏洞 CVE-2017-5645 的情报信息

四、漏洞 CVE-2017-5645 的评论

发表评论

一、漏洞 CVE-2017-5645 基础信息