CVE-2021-45046

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchanged	Changed
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Parical	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

URL	Num of Times Referred to
http://vulmon.com/vulnerabilitydetails?qid=CVE	1983
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	251
https://www.oracle.com/security-alerts/cpujan2022.html	54
https://cvetrends.com	48
https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_...	38
http://twinybots.ch	23
http://cyberiqs.com/latestnews	19
https://www.jpcert.or.jp/at/2021/at210050.html	16
https://lists.astaro.com/ASGV9-IPS-rules.html#0	13
https://ift.tt/3pW2kds	10
https://www.truesec.com/hub/blog/apache-log4j-injection-vul...	10
https://www.techsolvency.com/story-so-far/cve-2021-44228-lo...	9
https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tlto...	8
https://aws.amazon.com/jp/security/security-bulletins/AWS-2...	7
https://www.cybereason.com/blog/cybereason-releases-vaccine...	7
https://gigazine.net/news/20211216-log4j-log4shell-cve-2021...	6
https://logging.apache.org/log4j/2.x/security.html	6
http://earmas.ga	5
https://opsmtrs.com/3xP0zlo	5
https://www.intel.com/content/www/us/en/security-center/adv...	5
https://www.zdnet.com/article/second-log4j-vulnerability-fo...	5
http://www.kitploit.com/2021/12/log4j-detector-detects-log4...	5
https://github.com/NCSC-NL/log4shell/tree/main/software	4
https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve	4
https://github.blog/2021-12-13-githubs-response-to-log4j-vu...	4
https://www.snort.org/downloads	4
https://tools.cisco.com/security/center/content/CiscoSecuri...	4
https://about.gitlab.com/blog/2021/12/15/updates-and-action...	4
https://tweetedtimes.com/v/21183?s=tnp	4
https://security.sios.com/vulnerability/misc-security-vulne...	4
https://news.ycombinator.com/item?id=29561532	4
https://blog.segu-info.com.ar/2021/12/resumen-de-todos-los-...	4
https://www.hackingarticles.in/a-detailed-guide-on-log4j-pe...	4
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf	4
https://cloudsecurityalliance.org/articles/log4j-the-evolut...	4
https://bit.ly/3q0PPgA	3
https://buff.ly/3oTpaDe	3
https://cybr.ly/31F2cXL	3
https://hclsw.co/hoge7x	3
https://youtu.be/_sC7ntv0PUY	3
http://apache.org	3
http://codezine.jp/article/detail/15346	3
https://twitter.com/likethecoins/status/1470828794755829765	3
https://www.cve.org/CVERecord?id=CVE-2021-45046	3
http://mi6rogue.com/blog	3
https://www.cisa.gov/uscert/apache-log4j-vulnerability-guid...	3
https://docs.jamf.com/technical-articles/Mitigating_the_Apa...	3
https://guardedbox.es	3
https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnera...	3
https://opensearch.org/blog/releases/2021/12/update-to-1-2-1/	3
https://www.govcert.ch/blog/zero-day-exploit-targeting-popu...	3
https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-...	3
https://www.splunk.com/en_us/blog/bulletins/splunk-security...	3
https://www.vmware.com/security/advisories/VMSA-2021-0028.html	3
https://core.vmware.com/vmsa-2021-0028-questions-answers-faq	3
https://support.sap.com/content/dam/support/en_us/library/s...	3
https://www.access42.nl/nieuws/cve-2021-44228-proof-of-conc...	3
https://www.tableau.com/about/blog/2021/12/update-apache-lo...	3
https://www.tenable.com/blog/cve-2021-44228-cve-2021-45046-...	3
https://blog.aquasec.com/second-log4j-security-vulnerability	3
https://community.ui.com/releases/UniFi-Network-Application...	3
https://www.openwall.com/lists/oss-security/2021/12/14/4	3
https://access.redhat.com/security/cve/cve-2021-45046	3
https://thehackernews.com/2021/12/second-log4j-vulnerabilit...	3
https://support.citrix.com/article/CTX335705	3
https://www.praetorian.com/blog/log4j-2-15-0-stills-allows-...	3
https://www.solarwinds.com/trust-center/security-advisories...	3
https://blog.cloudflare.com/protection-against-cve-2021-450...	3
https://securityonline.info/log4j-detector-detects-vulnerab...	3
https://blogs.networld.co.jp/entry/2021/12/12/210529	3
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-022/	3
https://noticiasseguridad.com/vulnerabilidades/detalles-de-...	3
https://www.alexvanwolferen.nl/sitecore-solr-fix-log4j-cve-...	3
https://anchisesbr.blogspot.com/2021/12/seguranca-o-caos-do...	3
https://www.bleepingcomputer.com/news/security/cisa-release...	3
https://ipssignatures.appspot.com/?cve=CVE-2021-45046	3
https://blog.talosintelligence.com/2021/12/apache-log4j-rce...	3
https://log4j-tester.trendmicro.com/	3
https://security.paloaltonetworks.com/CVE-2021-44228	3

User	URL	Info Source	Date
fletch_ai	https://bit.ly/3ZSDADv	Source fletch_ai 1636584407820632064	2023/03/17

List of frequently cited URLs

URL	Num of Times Referred to
vulmon.com	1983
alerts.vulmon.com	251
www.oracle.com	54
cvetrends.com	48
www.reddit.com	38
twinybots.ch	23
cyberiqs.com	19
www.jpcert.or.jp	16
lists.astaro.com	13
ift.tt	10
www.truesec.com	10
www.techsolvency.com	9
lists.apache.org	8
aws.amazon.com	7
www.cybereason.com	7
gigazine.net	6
logging.apache.org	6
earmas.ga	5
opsmtrs.com	5
www.intel.com	5
www.zdnet.com	5
www.kitploit.com	5
github.com	4
sysdig.com	4
github.blog	4
www.snort.org	4
tools.cisco.com	4
about.gitlab.com	4
tweetedtimes.com	4
security.sios.com	4
news.ycombinator.com	4
blog.segu-info.com.ar	4
www.hackingarticles.in	4
cert-portal.siemens.com	4
cloudsecurityalliance.org	4
bit.ly	3
buff.ly	3
cybr.ly	3
hclsw.co	3
youtu.be	3
apache.org	3
codezine.jp	3
twitter.com	3
www.cve.org	3
mi6rogue.com	3
www.cisa.gov	3
docs.jamf.com	3
guardedbox.es	3
kb.tableau.com	3
opensearch.org	3
www.govcert.ch	3
www.lunasec.io	3
www.splunk.com	3
www.vmware.com	3
core.vmware.com	3
support.sap.com	3
www.access42.nl	3
www.tableau.com	3
www.tenable.com	3
blog.aquasec.com	3
community.ui.com	3
www.openwall.com	3
access.redhat.com	3
thehackernews.com	3
support.citrix.com	3
www.praetorian.com	3
www.solarwinds.com	3
blog.cloudflare.com	3
securityonline.info	3
blogs.networld.co.jp	3
www.cert.ssi.gouv.fr	3
noticiasseguridad.com	3
www.alexvanwolferen.nl	3
anchisesbr.blogspot.com	3
www.bleepingcomputer.com	3
ipssignatures.appspot.com	3
blog.talosintelligence.com	3
log4j-tester.trendmicro.com	3
security.paloaltonetworks.com	3

Information from Twitter

User	URL	Info Source
fletch_ai	bit.ly	Show Tweet

Name	URL
No Data

Name	URL
No Data

2023/03/17 Score : 1
Added Har-sia Database : 2021/12/15
Last Modified : 2023/03/17
Highest Scored Date : 2021/12/15
Highest Score : 568

CVE-2021-45046

Description from NVD

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:H/Au:N/C:P/I:P/A:P

NVD References

Refer to Information on External Sites

Information from Twitter

Information from Twitter