Rewterz Threat Advisory – Multiple Apache Log4j Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-23307 

Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2022-23305 

Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2022-23302 

Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using the TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

  • Code Execution
  • Data Manipulation

Affected Vendors

Apache

Affected Products

  • Apache Chainsaw 2.0.0
  • Apache Log4j 1.2

Remediation

Upgrade to the latest versions of Apache Log4j and Apache Chainsaw, available from the Apache web site.

Apache Log4j:

https://logging.apache.org/log4j/1.2/index.html

Apache Chainsaw:

https://logging.apache.org/chainsaw/2.x/
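
To locate the components named above before upgrading, the following added example (not part of the Rewterz advisory or of Apache's code) scans a jar, WAR or EAR, including nested archives, for the Chainsaw, JDBCAppender and JMSSink classes. The class paths follow the standard Log4j 1.2 package layout and are this example's assumption, as are the sample archive and its file names; a hit marks an archive to version-check, not a confirmed vulnerable deployment.

```python
import io
import zipfile

# Log4j 1.2 class locations for the components named in this advisory
# (standard package layout; the mapping is this example's assumption).
COMPONENTS = {
    "CVE-2022-23307": "org/apache/log4j/chainsaw/",
    "CVE-2022-23305": "org/apache/log4j/jdbc/JDBCAppender.class",
    "CVE-2022-23302": "org/apache/log4j/net/JMSSink.class",
}
ARCHIVES = (".jar", ".war", ".ear")
MAX_DEPTH = 4  # do not recurse into archives nested deeper than this


def scan_archive(data, label, depth=0):
    """Return {cve: [location, ...]} for affected classes inside `data` (bytes)."""
    findings = {cve: [] for cve in COMPONENTS}
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # unreadable entry: nothing to report
    with zf:
        for name in zf.namelist():
            if name.endswith(".class"):
                # Substring match also catches WEB-INF/classes/ and BOOT-INF/classes/ copies.
                for cve, path in COMPONENTS.items():
                    if path in name:
                        findings[cve].append(f"{label}!{name}")
            elif name.lower().endswith(ARCHIVES) and depth < MAX_DEPTH:
                nested = scan_archive(zf.read(name), f"{label}!{name}", depth + 1)
                for cve, hits in nested.items():
                    findings[cve].extend(hits)
    return findings


def build_sample_war():
    """Constructed sample: a WAR bundling a Log4j 1.2-style jar in WEB-INF/lib."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as z:
        z.writestr("org/apache/log4j/jdbc/JDBCAppender.class", b"")
        z.writestr("org/apache/log4j/net/JMSSink.class", b"")
        z.writestr("org/apache/log4j/Logger.class", b"")
    war = io.BytesIO()
    with zipfile.ZipFile(war, "w") as z:
        z.writestr("WEB-INF/lib/log4j-sample.jar", jar.getvalue())
        z.writestr("WEB-INF/classes/app/Main.class", b"")
    return war.getvalue()


if __name__ == "__main__":
    for cve, hits in scan_archive(build_sample_war(), "app.war").items():
        print(cve, hits or "not found")
```

To scan a real deployment, pass the archive's bytes and a label, for example the contents of a file read in binary mode and its path.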