CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. • https://github.com/fullhunt/log4j-scan https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words https://github.com/cyberstruggle/L4sh https://github.com/woodpecker-appstore/log4j-payload-generator https://github.com/tangxiaofeng7/apache-log4j-poc https://www.exploit-db.com/exploits/51183 https://www.exploit-db.com/exploits/50592 https://www.exploit-db.com/exploits/50590 https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/jas502n/Log4j2-CVE-2021-44228 h • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVE-2013-5488
https://notcve.org/view.php?id=CVE-2013-5488
Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969. Cisco Common Services, utilizado en Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, y Cisco Unified Operations Manager, no interactua apropiadamente con el componente ActiveMQ, lo que permite a atacantes remotos causar una denegación de servicio (agotamiento de memoria) a través de sesiones TCP simultáneas, tambien conocidas como Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, y CSCuh95969. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488 http://tools.cisco.com/security/center/viewAlert.x?alertId=30749 http://www.securityfocus.com/bid/62333 https://exchange.xforce.ibmcloud.com/vulnerabilities/87026 • CWE-20: Improper Input Validation •
CVE-2013-3440
https://notcve.org/view.php?id=CVE-2013-3440
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186. Múltiples vulnerabilidades XSS en el interfaz web de administración de Cisco Unified Operations Manager, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias y obtener cookies seguras a través de vectores no especificados. Aka Bug ID CSCud80186. • http://osvdb.org/95584 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440 http://tools.cisco.com/security/center/viewAlert.x?alertId=30175 http://www.securityfocus.com/bid/61414 http://www.securitytracker.com/id/1028819 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-3439
https://notcve.org/view.php?id=CVE-2013-3439
Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182. Múltiples vulnerabilidades XSS en Cisco Unified Operations Manager, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de una URL manipulada en un campo en la cabecera de un HTML. Aka Bug ID CSCud80182. • http://osvdb.org/95585 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439 http://tools.cisco.com/security/center/viewAlert.x?alertId=30174 http://www.securityfocus.com/bid/61416 http://www.securitytracker.com/id/1028825 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-3437
https://notcve.org/view.php?id=CVE-2013-3437
SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. Vulnerabilidad de inyección SQL en Cisco Unified Operations Manager, permite a usuarios autenticados la ejecución arbitraria de comandos SQL a través de un campo de entrada. Aka Bug ID CSCud80179. • http://osvdb.org/95472 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437 http://tools.cisco.com/security/center/viewAlert.x?alertId=30153 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •