Описание
ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution.
A successful attack requires the presence of Janino library and Spring Framework to be present on the user's class path. In addition, the attacker must have write access to a
configuration file. Alternatively, the attacker could inject a malicious
environment variable pointing to a malicious configuration file. In both
cases, the attack requires existing privilege.
An arbitrary code execution vector has been discovered in the maven logback-core package. This vulnerability allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. A successful attack requires the presence of the Janino library and Spring Framework to be present on the user's class path. In addition, the attacker must either have write access to a configuration file or the attacker could inject a malicious environment variable pointing to a malicious configuration file. In both cases, the attack requires existing privilege.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| AMQ Clients | logback-core | Fix deferred | ||
| Logging Subsystem for Red Hat OpenShift | logback-core | Fix deferred | ||
| Migration Toolkit for Applications 8 | logback-core | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-ekb-dispatcher-rhel8 | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-ekb-kafka-controller-rhel8 | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-ekb-post-install-rhel8 | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-ekb-receiver-rhel8 | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-ekb-webhook-kafka-rhel8 | Fix deferred | ||
| OpenShift Serverless | openshift-serverless-1/kn-eventing-istio-controller-rhel8 | Fix deferred | ||
| Red Hat AMQ Broker 7 | logback-core | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
6.4 Medium
CVSS3
Связанные уязвимости
ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. A successful attack requires the presence of Janino library and Spring Framework to be present on the user's class path. In addition, the attacker must have write access to a configuration file. Alternatively, the attacker could inject a malicious environment variable pointing to a malicious configuration file. In both cases, the attack requires existing privilege.
ACE vulnerability in conditional configuration file processing by QOS ...
QOS.CH logback-core is vulnerable to Arbitrary Code Execution through file processing
EPSS
6.4 Medium
CVSS3