HTTP: Apache Log4j JDBC Appender DataSource Arbitrary Code Execution
This signature detects attempts to exploit a known vulnerability against Apache Log4j. A successful attack can lead to arbitrary code execution.
Extended Description
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
Affected Products
Oracle retail_xstore_point_of_service
Short Name
HTTP:APACHE:LOG4J-JDBC-APNDR-CE
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Apache Appender Arbitrary CVE-2021-44832 Code DataSource Execution JDBC Log4j
Release Date
12/29/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3693
False Positive
Unknown
Vendors
Apache
Oracle
Fedoraproject
Cisco
Debian
CVSS Score
6.0