CVE-2019-17571
log4j: deserialization of untrusted data in SocketServer
Public Exploits: 2
Exploited in Wild: -
Descriptions
Log4j 1.2 ships a SocketServer class that deserializes untrusted data: when it listens for log data on an untrusted network, an attacker who also has a suitable deserialization gadget on the server's classpath can use it to execute arbitrary code remotely. This affects Log4j versions 1.2 up to and including 1.2.17.
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
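Both descriptions above come down to the same point: SocketServer hands whatever arrives on its listening socket to ObjectInputStream.readObject() with no type check, so the first thing a defender can look at is what class the incoming stream actually declares. The following is an added example written for this page, not code from log4j or from the advisory: a parser for the head of a Java serialization stream that extracts the declared class of the first object (and its superclass chain) and flags any stream whose top-level class is not org.apache.log4j.spi.LoggingEvent, the only class a genuine SocketAppender sends. The sample frames are constructed inline; their serialVersionUID values and field lists are illustrative and do not match the real classes.

```python
# Added example (not log4j code): inspect the head of a Java serialization stream,
# such as the one a log4j 1.2 SocketAppender sends to SocketServer/SocketNode, and
# alert when the top-level object is anything other than a LoggingEvent.
# Layout follows the Java Object Serialization Stream Protocol (TC_* tags).
import struct

STREAM_MAGIC, STREAM_VERSION = 0xACED, 0x0005
TC_NULL, TC_REFERENCE, TC_CLASSDESC, TC_OBJECT, TC_STRING, TC_ENDBLOCKDATA = (
    0x70, 0x71, 0x72, 0x73, 0x74, 0x78)
SC_SERIALIZABLE = 0x02

# The only top-level class a genuine SocketAppender frame carries.
ALLOWED_TOP_LEVEL = {"org.apache.log4j.spi.LoggingEvent"}


class StreamError(ValueError):
    """Raised for anything that is not a well-formed stream head we understand."""


def _enc_utf(s):
    b = s.encode("utf-8")              # Java modified UTF-8 == UTF-8 for class names
    return struct.pack(">H", len(b)) + b


def _utf(buf, pos):
    (n,) = struct.unpack_from(">H", buf, pos)
    pos += 2
    raw = buf[pos:pos + n]
    if len(raw) != n:
        raise StreamError("truncated UTF string")
    return raw.decode("utf-8"), pos + n


def _classdesc(buf, pos, names):
    """Parse classDesc := TC_CLASSDESC | TC_NULL | TC_REFERENCE, follow the
    superclass chain, append every class name seen; return the new offset."""
    tc = buf[pos]
    pos += 1
    if tc == TC_NULL:
        return pos
    if tc == TC_REFERENCE:
        return pos + 4                 # handle to a descriptor already recorded
    if tc != TC_CLASSDESC:
        raise StreamError(f"unsupported class descriptor tag 0x{tc:02x}")
    name, pos = _utf(buf, pos)
    names.append(name)
    pos += 8 + 1                       # serialVersionUID, classDescFlags
    (nfields,) = struct.unpack_from(">H", buf, pos)
    pos += 2
    for _ in range(nfields):
        typecode = chr(buf[pos])
        pos += 1
        _, pos = _utf(buf, pos)        # field name
        if typecode in "L[":           # object/array fields carry a type string
            tag = buf[pos]
            pos += 1
            if tag == TC_STRING:
                _, pos = _utf(buf, pos)
            elif tag == TC_REFERENCE:
                pos += 4
            else:
                raise StreamError("bad field type descriptor")
    if buf[pos] != TC_ENDBLOCKDATA:    # classAnnotation: only the empty form is handled
        raise StreamError("class annotation data not supported")
    return _classdesc(buf, pos + 1, names)   # superClassDesc


def top_level_classes(stream):
    """Class names (class, then superclasses) of the first object in the stream."""
    magic, version = struct.unpack_from(">HH", stream, 0)
    if (magic, version) != (STREAM_MAGIC, STREAM_VERSION):
        raise StreamError("not a Java serialization stream")
    if stream[4] != TC_OBJECT:
        raise StreamError(f"stream does not start with TC_OBJECT (0x{stream[4]:02x})")
    names = []
    _classdesc(stream, 5, names)
    if not names:
        raise StreamError("object without a class descriptor")
    return names


def classify(stream):
    """('allow' | 'alert' | 'malformed', detail) for the head of one TCP stream."""
    try:
        names = top_level_classes(stream)
    except (StreamError, IndexError, struct.error, UnicodeDecodeError) as exc:
        return "malformed", str(exc)
    return ("allow" if names[0] in ALLOWED_TOP_LEVEL else "alert"), names


# --- constructed samples (SUIDs and field lists are illustrative, not log4j's real ones) ---
def build_classdesc(name, suid, fields, superclass=None):
    out = bytearray([TC_CLASSDESC]) + _enc_utf(name) + struct.pack(">q", suid)
    out += bytes([SC_SERIALIZABLE]) + struct.pack(">H", len(fields))
    for typecode, fname, ftype in fields:          # ftype is None for primitive fields
        out += typecode.encode() + _enc_utf(fname)
        if ftype is not None:
            out += bytes([TC_STRING]) + _enc_utf(ftype)
    out += bytes([TC_ENDBLOCKDATA])
    return bytes(out + (superclass if superclass is not None else bytes([TC_NULL])))


def build_stream(classdesc):
    return struct.pack(">HH", STREAM_MAGIC, STREAM_VERSION) + bytes([TC_OBJECT]) + classdesc


BENIGN = build_stream(build_classdesc(
    "org.apache.log4j.spi.LoggingEvent", 0x1234,
    [("J", "timeStamp", None), ("L", "categoryName", "Ljava/lang/String;"),
     ("L", "mdcCopy", "Ljava/util/Hashtable;")]))
SUSPECT = build_stream(build_classdesc(          # a collection at top level, as gadget chains use
    "java.util.HashMap", 362498820763181265,
    [("F", "loadFactor", None), ("I", "threshold", None)]))

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT), ("http", b"GET / HTTP/1.1\r\n")):
        print(label, classify(sample))
```

Run it over the first bytes of each TCP stream to the port the SocketServer was started on (log4j 1.2's SocketAppender defaults to 4560). An alert is a high-fidelity sign of a gadget-chain attempt, but an allow is not proof of safety: SocketNode reads the stream with no type filter, and the LoggingEvent's own object-typed fields (the MDC copy, a Hashtable, for instance) are deserialized with the same lack of checks, so a gadget can be nested inside an otherwise valid event. The detector is a compensating control; the fix is to stop exposing SocketServer to untrusted networks and to move off Log4j 1.2.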
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-10-14 CVE Reserved
- 2019-12-20 CVE Published
- 2019-12-25 First Exploit
- 2024-07-15 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-502: Deserialization of Untrusted Data
CAPEC
References (117)
URL | Date | SRC |
---|---|---|
https://github.com/shadow-horse/CVE-2019-17571 | 2019-12-25 | |
https://github.com/Al1ex/CVE-2019-17571 | 2020-07-16 | |
https://www.oracle.com/security-alerts/cpuApr2021.html | 2023-11-07 | |
https://www.oracle.com/security-alerts/cpuapr2022.html | 2023-11-07 | |
https://www.oracle.com/security-alerts/cpujul2022.html | 2023-11-07 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Apache | Log4j | <= 1.2.17 | - | Affected |
Debian | Debian Linux | 8.0 | - | Affected |
Debian | Debian Linux | 9.0 | - | Affected |
Debian | Debian Linux | 10.0 | - | Affected |
Canonical | Ubuntu Linux | 18.04 | lts | Affected |
Opensuse | Leap | 15.1 | - | Affected |
Netapp | Oncommand System Manager | >= 3.0 <= 3.1.3 | - | Affected |
Netapp | Oncommand Workflow Automation | - | - | Affected |
Oracle | Application Testing Suite | 13.3.0.1 | - | Affected |
Oracle | Communications Network Integrity | >= 7.3.2 <= 7.3.6 | - | Affected |
Oracle | Endeca Information Discovery Studio | 3.2.0 | - | Affected |
Oracle | Financial Services Lending And Leasing | >= 14.1.0 <= 14.8.0 | - | Affected |
Oracle | Financial Services Lending And Leasing | 12.5.0 | - | Affected |
Oracle | Mysql Enterprise Monitor | <= 8.0.29 | - | Affected |
Oracle | Primavera Gateway | >= 16.2 <= 16.2.11 | - | Affected |
Oracle | Primavera Gateway | >= 17.12.0 <= 17.12.7 | - | Affected |
Oracle | Rapid Planning | 12.1 | - | Affected |
Oracle | Rapid Planning | 12.2 | - | Affected |
Oracle | Retail Extract Transform And Load | 19.0 | - | Affected |
Oracle | Retail Service Backbone | 14.1 | - | Affected |
Oracle | Retail Service Backbone | 15.0 | - | Affected |
Oracle | Retail Service Backbone | 16.0 | - | Affected |
Oracle | Weblogic Server | 10.3.6.0.0 | - | Affected |
Oracle | Weblogic Server | 12.1.3.0.0 | - | Affected |
Oracle | Weblogic Server | 12.2.1.3.0 | - | Affected |
Oracle | Weblogic Server | 12.2.1.4.0 | - | Affected |
Oracle | Weblogic Server | 14.1.1.0.0 | - | Affected |
Apache | Bookkeeper | < 4.14.3 | - | Affected |