CVE-2021-4104

Description from NVD

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

Information Acquisition Date:2021-12-31T16:40Z
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 8.1 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD References

 https://access.redhat.com/security/cve/CVE-2021-4104
     source:MISC
     tags:Mitigation    Third Party Advisory    
 https://www.cve.org/CVERecord?id=CVE-2021-44228
     source:MISC
     tags:Not Applicable    Third Party Advisory    
 https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
     source:MISC
     tags:Issue Tracking    Patch    Third Party Advisory    
 VU#930724
     source:CERT-VN
     tags:Mitigation    Patch    Third Party Advisory    US Government Resource    
 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033
     source:CONFIRM
     tags:
 https://security.netapp.com/advisory/ntap-20211223-0007/
     source:CONFIRM
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://logging.apache.org/log4j/2.x/security.html23
http://cyberiqs.com/latestnews20
https://reload4j.qos.ch6
https://access.redhat.com/security/cve/CVE-2021-41046
https://bit.ly/31PnEJp5
https://twitter.com/pyn3rd/status/14708126811331911685
https://security.sios.com/vulnerability/misc-security-vulne...4
https://blog.segu-info.com.ar/2021/12/resumen-de-todos-los-...4
https://github.com/cisagov/log4j-scanner3
http://vulmon.com/vulnerabilitydetails?qid=CVE-2021-41043
https://www.ipa.go.jp/security/ciadr/vul/alert20211213.html3
https://www.snort.org/downloads3
https://www.tenable.com/blog/cve-2021-44228-cve-2021-45046-...3
https://issues.apache.org/jira/browse/LOG4J2-3133
https://networks.unify.com/security/advisories/OBSO-2201-01...3
https://blog.cloudflare.com/inside-the-log4j2-vulnerability...3
https://www.bleepingcomputer.com/news/security/upgraded-to-...3

Information from Twitter

User URL Info Source Date
isac_kolej https://www.ibm.com/support/pages/node/6825215 Source isac_kolej       1613243486957887492 2023/01/12

List of frequently cited URLs

URLNum of Times Referred to
logging.apache.org23
cyberiqs.com20
reload4j.qos.ch6
access.redhat.com6
bit.ly5
twitter.com5
security.sios.com4
blog.segu-info.com.ar4
github.com3
vulmon.com3
www.ipa.go.jp3
www.snort.org3
www.tenable.com3
issues.apache.org3
networks.unify.com3
blog.cloudflare.com3
www.bleepingcomputer.com3

Information from Twitter

User URL Info Source
isac_kolej ibm.com Show Tweet
GitHub Search Results: Up to 10
NameURL
cckuailong/log4shell_1.x https://github.com/cckuailong/log4shell_1.x
NCSC-NL/log4shell https://github.com/NCSC-NL/log4shell
logpresso/CVE-2021-44228-Scanner https://github.com/logpresso/CVE-2021-44228-Scanner
TheInterception/Log4J-Simulation-Tool https://github.com/TheInterception/Log4J-Simulation-Tool
GitHub Search Results: Up to 10
NameURL
cckuailong/log4shell_1.x github.com
NCSC-NL/log4shell github.com
logpresso/CVE-2021-44228-Scanner github.com
TheInterception/Log4J-Simulation-Tool github.com
2023/01/12 Score : 0
Added Har-sia Database : 2021/12/13
Last Modified : 2023/01/12
Highest Scored Date : 2021/12/14
Highest Score : 36