CVE-2021-45046— Apache Log4j 代码问题漏洞
公开利用映射 2
Metasploit · 1 log4shell_scanner.rb#CVE-2021-45046 [auxiliary]
Nuclei · 1 CVE-2021-45046.yaml [template]
已观察到在野利用 cisa_kev · confirmed
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-45046 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
表达式语言语句中使用的特殊元素转义处理不恰当(表达式语言注入)
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Apache Log4j 代码问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Apache Log4j是美国阿帕奇(Apache)基金会的一款基于Java的开源日志记录工具。 Apache Log4j 2.15.0版本存在代码问题漏洞,该漏洞源于当日志配置使用非默认模式布局和上下文查找或线程上下文映射模式使用 JNDI 查找模式制作恶意输入数据,从而导致拒绝服务攻击。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j | Apache Log4j2 ~ 2.16.0 | - |
二、漏洞 CVE-2021-45046 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Windows Server Log4j Scanner - Powershell - CVE-2021-45046 and CVE-2021-44228 | https://github.com/X1pe0/Log4J-Scan-Win | POC详情 |
| 2 | Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046 | https://github.com/cckuailong/Log4j_CVE-2021-45046 | POC详情 |
| 3 | Oh no another one | https://github.com/BobTheShoplifter/CVE-2021-45046-Info | POC详情 |
| 4 | Replicating CVE-2021-45046 | https://github.com/tejas-nagchandi/CVE-2021-45046 | POC详情 |
| 5 | None | https://github.com/pravin-pp/log4j2-CVE-2021-45046 | POC详情 |
| 6 | Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC | https://github.com/mergebase/log4j-samples | POC详情 |
| 7 | A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228. | https://github.com/lukepasek/log4jjndilookupremove | POC详情 |
| 8 | None | https://github.com/ludy-dev/cve-2021-45046 | POC详情 |
| 9 | Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046) | https://github.com/lijiejie/log4j2_vul_local_scanner | POC详情 |
| 10 | Log4Shell(CVE-2021-45046) Sandbox Signature | https://github.com/CaptanMoss/Log4Shell-Sandbox-Signature | POC详情 |
| 11 | None | https://github.com/shaily29-eng/CyberSecurity_CVE-2021-45046 | POC详情 |
| 12 | Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-45046.yaml | POC详情 |
| 13 | Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. | https://github.com/projectdiscovery/nuclei-templates/blob/main/dast/cves/2021/CVE-2021-45046.yaml | POC详情 |
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2021-45046 的情报信息
请登录查看更多情报信息。
CVE-2021-45046 厂商安全公告 (13)
- https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdfx_refsource_CONFIRM
- https://www.oracle.com/security-alerts/cpuapr2022.htmlx_refsource_MISC
- https://www.oracle.com/security-alerts/cpujul2022.htmlx_refsource_MISC
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdfx_refsource_CONFIRM
- https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdfx_refsource_CONFIRM
- https://www.cve.org/CVERecord?id=CVE-2021-44228x_refsource_MISC
- https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdfx_refsource_CONFIRM
- https://www.oracle.com/security-alerts/alert-cve-2021-44228.htmlx_refsource_CONFIRM
- https://www.oracle.com/security-alerts/cpujan2022.htmlx_refsource_MISC
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbdvendor-advisoryx_refsource_CISCO
CVE-2021-45046 邮件列表归档 (5)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/vendor-advisoryx_refsource_FEDORA
CVE-2021-45046 其他参考 (3)
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032x_refsource_CONFIRM
- https://logging.apache.org/log4j/2.x/security.htmlx_refsource_CONFIRM
同批安全公告 · Apache Software Foundation · 2021-12-14 · 共 3 条
| CVE-2021-4104 | Apache Log4j 代码问题漏洞 | |
| CVE-2021-44549 | Apache Sling Commons Messaging Mail 信任管理问题漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2021-45046
暂无评论