CVE-2021-45105

Опубликовано: 18 дек. 2021

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Средний

Описание

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.

Ссылки

http://www.openwall.com/lists/oss-security/2021/12/19/1
Mailing List
Mitigation
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
Third Party Advisory
https://logging.apache.org/log4j/2.x/security.html
Release Notes
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
Third Party Advisory
https://security.netapp.com/advisory/ntap-20211218-0001/
Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
Third Party Advisory
https://www.debian.org/security/2021/dsa-5024
Third Party Advisory
https://www.kb.cert.org/vuls/id/930724
Third Party Advisory
US Government Resource
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html
Patch
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-1541/
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2021/12/19/1
Mailing List
Mitigation
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
Third Party Advisory
https://logging.apache.org/log4j/2.x/security.html
Release Notes
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
Third Party Advisory
https://security.netapp.com/advisory/ntap-20211218-0001/
Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*

Версия от 2.0 (включая) до 2.3.1 (исключая)

cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*

Версия от 2.4 (включая) до 2.12.3 (исключая)

cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*

Версия от 2.13.0 (включая) до 2.16.0 (включая)

Конфигурация 2

cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*

Версия до 10.0.12 (включая)

cpe:2.3:a:sonicwall:network_security_manager:*:*:*:*:on-premises:*:*:*

Версия от 2.0 (включая) до 3.0 (исключая)

cpe:2.3:a:sonicwall:network_security_manager:*:*:*:*:saas:*:*:*

Версия от 2.0 (включая) до 3.0 (исключая)

cpe:2.3:a:sonicwall:web_application_firewall:*:*:*:*:*:*:*:*

Версия от 3.0.0 (включая) до 3.1.0 (исключая)

Конфигурация 5

Одновременно

cpe:2.3:o:sonicwall:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*

Версия до 2.7.0 (исключая)

cpe:2.3:h:sonicwall:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:sonicwall:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*

Версия до 2.7.0 (исключая)

cpe:2.3:h:sonicwall:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:o:sonicwall:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*

Версия до 2.7.0 (исключая)

cpe:2.3:h:sonicwall:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

cpe:2.3:o:sonicwall:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*

Версия до 2.7.0 (исключая)

cpe:2.3:h:sonicwall:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*

Конфигурация 9

Одновременно

cpe:2.3:o:sonicwall:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*

Версия до 2.7.0 (исключая)

cpe:2.3:h:sonicwall:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*

Конфигурация 10

Одно из

cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:agile_plm_mcad_connector:3.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_loans_servicing:2.12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*

cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*

Версия от 12.0.1.0.0 (включая) до 12.0.4.0.0 (включая)

cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*

Версия от 8.3.0.0 (включая) до 8.5.1.0 (включая)

cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*

Версия до 9.0 (исключая)

cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*

Версия от 12.0.1.0.0 (включая) до 12.0.4.0.0 (включая)

cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_service_broker:6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*

Версия до 9.0 (исключая)

cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*

Версия до 9.0 (исключая)

cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*

Версия от 8.0.7 (включая) до 8.1.1 (включая)

cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*

Версия от 12.1.0 (включая) до 12.4 (включая)

cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*

Версия от 14.0.0 (включая) до 14.3.0 (включая)

cpe:2.3:a:oracle:flexcube_universal_banking:11.83.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_empirica_signal:9.1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_empirica_signal:9.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_inform:6.2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_inform:6.3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_inform:7.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_information_manager:*:*:*:*:*:*:*:*

Версия от 3.0.1 (включая) до 3.0.4 (включая)

cpe:2.3:a:oracle:healthcare_data_repository:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*

Версия от 7.3.0.1 (включая) до 7.3.0.4 (включая)

cpe:2.3:a:oracle:healthcare_master_person_index:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_suite8:8.13.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_token_proxy_service:19.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hyperion_bi\+:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:hyperion_infrastructure_technology:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:hyperion_planning:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:hyperion_profitability_and_cost_management:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:hyperion_tax_provision:*:*:*:*:*:*:*:*

Версия до 11.2.8.0 (исключая)

cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:identity_management_suite:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:identity_manager_connector:9.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:insurance_data_gateway:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*

Версия от 5.4 (включая) до 5.6.0.0 (включая)

cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:management_cloud_engine:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*

Версия до 8.0.29 (включая)

cpe:2.3:a:oracle:payment_interface:19.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:payment_interface:20.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*

Версия от 17.12.0 (включая) до 17.12.11 (включая)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*

Версия от 18.8.0 (включая) до 18.8.13 (включая)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*

Версия от 19.12.0 (включая) до 19.12.12 (включая)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*

Версия от 20.12.0 (включая) до 20.12.7 (включая)

cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*

Версия от 19.12.0.0 (включая) до 19.12.18.0 (включая)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*

Версия от 20.12.0.0 (включая) до 20.12.12.0 (включая)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_insights:15.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_insights:16.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_data_extractor_for_merchandising:15.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_data_extractor_for_merchandising:16.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:16.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:18.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:20.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_eftlink:21.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_financial_integration:*:*:*:*:*:*:*:*

Версия от 16.0.1 (включая) до 16.0.3 (включая)

cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_financial_integration:19.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*

Версия от 16.0.1 (включая) до 16.0.3 (включая)

cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*

Версия от 19.0.0 (включая) до 19.0.1.0 (включая)

cpe:2.3:a:oracle:retail_integration_bus:14.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:19.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_invoice_matching:15.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_management_system:19.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.46:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.115:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.240:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:14.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:14.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:15.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:16.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*

Версия от 16.0.1 (включая) до 16.0.3 (включая)

cpe:2.3:a:oracle:retail_service_backbone:14.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:19.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_service_backbone:19.0.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3.14:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:15.0.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:15.0.3.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_store_inventory_management:16.0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*

Версия до 21.12 (включая)

cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*

Версия до 21.4.2 (исключая)

cpe:2.3:a:oracle:taleo_platform:*:*:*:*:*:*:*:*

Версия до 22.1 (исключая)

cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*

Версия от 4.3.0.1.0 (включая) до 4.3.0.6.0 (включая)

cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.65452

Средний

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2021-45105

CVSS3: 5.9

ubuntu

больше 3 лет назад

CVE-2021-45105

CVSS3: 5.9

redhat

больше 3 лет назад

CVE-2021-45105

CVSS3: 5.9

debian

больше 3 лет назад

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and ...

openSUSE-SU-2021:4118-1

suse-cvrf

больше 3 лет назад

Security update for log4j

openSUSE-SU-2021:1605-1

suse-cvrf

больше 3 лет назад

Security update for log4j

EPSS

Процентиль: 98%

0.65452

Средний

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20