CVE-2021-44228 - Vulnerability Details

CVE-2021-44228 - Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since Dec. 10, 2021.

The EPSS score is 0.94358.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Apache Subscribe	Log4j Subscribe
Apple Subscribe	Xcode Subscribe
Bentley Subscribe	Synchro Subscribe Synchro 4d Subscribe
Cisco Subscribe	Advanced Malware Protection Virtual Private Cloud Appliance Subscribe Automated Subsea Tuning Subscribe Broadworks Subscribe Business Process Automation Subscribe Cloud Connect Subscribe Cloudcenter Subscribe Cloudcenter Cost Optimizer Subscribe Cloudcenter Suite Subscribe Cloudcenter Suite Admin Subscribe Cloudcenter Workload Manager Subscribe Common Services Platform Collector Subscribe Connected Mobile Experiences Subscribe Contact Center Domain Manager Subscribe Contact Center Management Portal Subscribe Crosswork Data Gateway Subscribe Crosswork Network Automation Subscribe Crosswork Network Controller Subscribe Crosswork Optimization Engine Subscribe Crosswork Platform Infrastructure Subscribe Crosswork Zero Touch Provisioning Subscribe Customer Experience Cloud Agent Subscribe Cx Cloud Agent Subscribe Cyber Vision Subscribe Cyber Vision Sensor Management Extension Subscribe Data Center Network Manager Subscribe Dna Center Subscribe Dna Spaces Subscribe Dna Spaces\ Subscribe Dna Spaces Connector Subscribe Emergency Responder Subscribe Enterprise Chat And Email Subscribe Evolved Programmable Network Manager Subscribe Finesse Subscribe Firepower 1010 Subscribe Firepower 1120 Subscribe Firepower 1140 Subscribe Firepower 1150 Subscribe Firepower 2110 Subscribe Firepower 2120 Subscribe Firepower 2130 Subscribe Firepower 2140 Subscribe Firepower 4110 Subscribe Firepower 4112 Subscribe Firepower 4115 Subscribe Firepower 4120 Subscribe Firepower 4125 Subscribe Firepower 4140 Subscribe Firepower 4145 Subscribe Firepower 4150 Subscribe Firepower 9300 Subscribe Firepower Threat Defense Subscribe Fog Director Subscribe Fxos Subscribe Identity Services Engine Subscribe Integrated Management Controller Supervisor Subscribe Intersight Virtual Appliance Subscribe Iot Operations Dashboard Subscribe Mobility Services Engine Subscribe Network Assurance Engine Subscribe Network Dashboard Fabric Controller Subscribe Network Insights For Data Center Subscribe Network Services Orchestrator Subscribe Nexus Dashboard Subscribe Nexus Insights Subscribe Optical Network Controller Subscribe Packaged Contact Center Enterprise Subscribe Paging Server Subscribe Prime Service Catalog Subscribe Sd-wan Vmanage Subscribe Smart Phy Subscribe Ucs Central Subscribe Ucs Central Software Subscribe Ucs Director Subscribe Unified Communications Manager Subscribe Unified Communications Manager Im \& Presence Service Subscribe Unified Communications Manager Im And Presence Service Subscribe Unified Computing System Subscribe Unified Contact Center Enterprise Subscribe Unified Contact Center Express Subscribe Unified Contact Center Management Portal Subscribe Unified Customer Voice Portal Subscribe Unified Intelligence Center Subscribe Unified Sip Proxy Subscribe Unified Workforce Optimization Subscribe Unity Connection Subscribe Video Surveillance Manager Subscribe Video Surveillance Operations Manager Subscribe Virtual Topology System Subscribe Virtualized Infrastructure Manager Subscribe Virtualized Voice Browser Subscribe Wan Automation Engine Subscribe Webex Meetings Server Subscribe Workload Optimization Manager Subscribe
Debian Subscribe	Debian Linux Subscribe
Fedoraproject Subscribe	Fedora Subscribe
Intel Subscribe	Computer Vision Annotation Tool Subscribe Datacenter Manager Subscribe Genomics Kernel Library Subscribe Oneapi Sample Browser Subscribe Secure Device Onboard Subscribe System Studio Subscribe
Netapp Subscribe	Active Iq Unified Manager Subscribe Brocade San Navigator Subscribe Cloud Insights Subscribe Cloud Manager Subscribe Cloud Secure Agent Subscribe Oncommand Insight Subscribe Ontap Tools Subscribe Snapcenter Subscribe Solidfire \& Hci Storage Node Subscribe Solidfire Enterprise Sds Subscribe
Percussion Subscribe	Rhythmyx Subscribe
Redhat Subscribe	Amq Streams Subscribe Camel Quarkus Subscribe Integration Subscribe Jboss Data Grid Subscribe Jboss Enterprise Application Platform Subscribe Jboss Enterprise Application Platform Eus Subscribe Jboss Enterprise Bpms Platform Subscribe Jboss Fuse Subscribe Logging Subscribe Openshift Subscribe Openshift Application Runtimes Subscribe
Siemens Subscribe	6bk1602-0aa12-0tp0 Subscribe 6bk1602-0aa12-0tp0 Firmware Subscribe 6bk1602-0aa22-0tp0 Subscribe 6bk1602-0aa22-0tp0 Firmware Subscribe 6bk1602-0aa32-0tp0 Subscribe 6bk1602-0aa32-0tp0 Firmware Subscribe 6bk1602-0aa42-0tp0 Subscribe 6bk1602-0aa42-0tp0 Firmware Subscribe 6bk1602-0aa52-0tp0 Subscribe 6bk1602-0aa52-0tp0 Firmware Subscribe Capital Subscribe Comos Subscribe Desigo Cc Advanced Reports Subscribe Desigo Cc Info Center Subscribe E-car Operation Center Subscribe Energy Engage Subscribe Energyip Subscribe Energyip Prepay Subscribe Gma-manager Subscribe Head-end System Universal Device Integration System Subscribe Industrial Edge Management Subscribe Industrial Edge Management Hub Subscribe Logo\! Soft Comfort Subscribe Mendix Subscribe Mindsphere Subscribe Navigator Subscribe Nx Subscribe Opcenter Intelligence Subscribe Operation Scheduler Subscribe Sentron Powermanager Subscribe Siguard Dsa Subscribe Sipass Integrated Subscribe Siveillance Command Subscribe Siveillance Control Pro Subscribe Siveillance Identity Subscribe Siveillance Vantage Subscribe Siveillance Viewpoint Subscribe Solid Edge Cam Pro Subscribe Solid Edge Harness Design Subscribe Spectrum Power 4 Subscribe Spectrum Power 7 Subscribe Sppa-t3000 Ses3000 Subscribe Sppa-t3000 Ses3000 Firmware Subscribe Teamcenter Subscribe Vesys Subscribe Xpedition Enterprise Subscribe Xpedition Package Integrator Subscribe
Snowsoftware Subscribe	Snow Commander Subscribe Vm Access Proxy Subscribe
Sonicwall Subscribe	Email Security Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:a:apache:log4j::::::::
	cpe:2.3:a:apache:log4j::::::::
	cpe:2.3:a:apache:log4j::::::::
	cpe:2.3:a:apache:log4j:2.0:-::::::
	cpe:2.3:a:apache:log4j:2.0:beta9::::::
	cpe:2.3:a:apache:log4j:2.0:rc1::::::
	cpe:2.3:a:apache:log4j:2.0:rc2::::::

Configuration 7 [-]

AND

cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*

Configuration 8 [-]

OR	cpe:2.3:a:siemens:capital::::::::
	cpe:2.3:a:siemens:capital:2019.1:-::::::
	cpe:2.3:a:siemens:capital:2019.1:sp1912::::::
	cpe:2.3:a:siemens:comos::::::::
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:::::::*
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:::::::*
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:::::::*
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:::::::*
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:::::::*
	cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:::::::*
	cpe:2.3:a:siemens:desigo_cc_info_center:5.0:::::::*
	cpe:2.3:a:siemens:desigo_cc_info_center:5.1:::::::*
	cpe:2.3:a:siemens:e-car_operation_center::::::::
	cpe:2.3:a:siemens:energy_engage:3.1:::::::*
	cpe:2.3:a:siemens:energyip:8.5:::::::*
	cpe:2.3:a:siemens:energyip:8.6:::::::*
	cpe:2.3:a:siemens:energyip:8.7:::::::*
	cpe:2.3:a:siemens:energyip:9.0:::::::*
	cpe:2.3:a:siemens:energyip_prepay::::::::
	cpe:2.3:a:siemens:gma-manager::::::::
	cpe:2.3:a:siemens:head-end_system_universal_device_integration_system::::::::
	cpe:2.3:a:siemens:industrial_edge_management::::::::
	cpe:2.3:a:siemens:industrial_edge_management_hub::::::::
	cpe:2.3:a:siemens:logo\!_soft_comfort::::::::
	cpe:2.3:a:siemens:mendix::::::::
	cpe:2.3:a:siemens:mindsphere::::::::
	cpe:2.3:a:siemens:navigator::::::::
	cpe:2.3:a:siemens:nx::::::::
	cpe:2.3:a:siemens:opcenter_intelligence::::::::
	cpe:2.3:a:siemens:operation_scheduler::::::::
	cpe:2.3:a:siemens:sentron_powermanager:4.1:::::::*
	cpe:2.3:a:siemens:sentron_powermanager:4.2:::::::*
	cpe:2.3:a:siemens:siguard_dsa::::::::
	cpe:2.3:a:siemens:sipass_integrated:2.80:::::::*
	cpe:2.3:a:siemens:sipass_integrated:2.85:::::::*
	cpe:2.3:a:siemens:siveillance_command::::::::
	cpe:2.3:a:siemens:siveillance_control_pro::::::::
	cpe:2.3:a:siemens:siveillance_identity:1.5:::::::*
	cpe:2.3:a:siemens:siveillance_identity:1.6:::::::*
	cpe:2.3:a:siemens:siveillance_vantage::::::::
	cpe:2.3:a:siemens:siveillance_viewpoint::::::::
	cpe:2.3:a:siemens:solid_edge_cam_pro::::::::
	cpe:2.3:a:siemens:solid_edge_harness_design::::::::
	cpe:2.3:a:siemens:solid_edge_harness_design:2020:::::::*
	cpe:2.3:a:siemens:solid_edge_harness_design:2020:-::::::
	cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002::::::
	cpe:2.3:a:siemens:spectrum_power_4::::::::
	cpe:2.3:a:siemens:spectrum_power_4:4.70:-::::::
	cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7::::::
	cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8::::::
	cpe:2.3:a:siemens:spectrum_power_7::::::::
	cpe:2.3:a:siemens:spectrum_power_7:2.30:::::::*
	cpe:2.3:a:siemens:spectrum_power_7:2.30:-::::::
	cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2::::::
	cpe:2.3:a:siemens:teamcenter::::::::
	cpe:2.3:a:siemens:vesys::::::::
	cpe:2.3:a:siemens:vesys:2019.1:::::::*
	cpe:2.3:a:siemens:vesys:2019.1:-::::::
	cpe:2.3:a:siemens:vesys:2019.1:sp1912::::::
	cpe:2.3:a:siemens:vesys:2020.1:-::::::
	cpe:2.3:a:siemens:vesys:2021.1:-::::::
	cpe:2.3:a:siemens:xpedition_enterprise:-:::::::*
	cpe:2.3:a:siemens:xpedition_package_integrator:-:::::::*

Configuration 9 [-]

OR	cpe:2.3:a:intel:computer_vision_annotation_tool:-:::::::*
	cpe:2.3:a:intel:datacenter_manager::::::::
	cpe:2.3:a:intel:genomics_kernel_library:-:::::::*
	cpe:2.3:a:intel:oneapi_sample_browser:-:::::eclipse::
	cpe:2.3:a:intel:secure_device_onboard:-:::::::*
	cpe:2.3:a:intel:system_studio:-:::::::*

Configuration 10 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

Configuration 11 [-]

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*

Configuration 12 [-]

cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*

Configuration 13 [-]

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
	cpe:2.3:a:netapp:brocade_san_navigator:-:::::::*
	cpe:2.3:a:netapp:cloud_insights:-:::::::*
	cpe:2.3:a:netapp:cloud_manager:-:::::::*
	cpe:2.3:a:netapp:cloud_secure_agent:-:::::::*
	cpe:2.3:a:netapp:oncommand_insight:-:::::::*
	cpe:2.3:a:netapp:ontap_tools:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:snapcenter:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:::::::*
	cpe:2.3:a:netapp:solidfire_enterprise_sds:-:::::::*

Configuration 14 [-]

OR	cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance::::::::
	cpe:2.3:a:cisco:automated_subsea_tuning::::::::
	cpe:2.3:a:cisco:broadworks::::::::
	cpe:2.3:a:cisco:business_process_automation::::::::
	cpe:2.3:a:cisco:business_process_automation::::::::
	cpe:2.3:a:cisco:business_process_automation::::::::
	cpe:2.3:a:cisco:cloud_connect::::::::
	cpe:2.3:a:cisco:cloudcenter::::::::
	cpe:2.3:a:cisco:cloudcenter_cost_optimizer::::::::
	cpe:2.3:a:cisco:cloudcenter_suite_admin::::::::
	cpe:2.3:a:cisco:cloudcenter_workload_manager::::::::
	cpe:2.3:a:cisco:common_services_platform_collector::::::::
	cpe:2.3:a:cisco:common_services_platform_collector::::::::
	cpe:2.3:a:cisco:connected_mobile_experiences:-:::::::*
	cpe:2.3:a:cisco:contact_center_domain_manager::::::::
	cpe:2.3:a:cisco:contact_center_management_portal::::::::
	cpe:2.3:a:cisco:crosswork_data_gateway::::::::
	cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:::::::*
	cpe:2.3:a:cisco:crosswork_network_controller::::::::
	cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:::::::*
	cpe:2.3:a:cisco:crosswork_optimization_engine::::::::
	cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:::::::*
	cpe:2.3:a:cisco:crosswork_platform_infrastructure::::::::
	cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:::::::*
	cpe:2.3:a:cisco:crosswork_zero_touch_provisioning::::::::
	cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:::::::*
	cpe:2.3:a:cisco:customer_experience_cloud_agent::::::::
	cpe:2.3:a:cisco:cyber_vision_sensor_management_extension::::::::
	cpe:2.3:a:cisco:data_center_network_manager::::::::
	cpe:2.3:a:cisco:data_center_network_manager:11.3\(1\):::::::*
	cpe:2.3:a:cisco:dna_center::::::::
	cpe:2.3:a:cisco:dna_center::::::::
	cpe:2.3:a:cisco:dna_center::::::::
	cpe:2.3:a:cisco:dna_spaces\:_connector::::::::
	cpe:2.3:a:cisco:emergency_responder::::::::
	cpe:2.3:a:cisco:enterprise_chat_and_email::::::::
	cpe:2.3:a:cisco:evolved_programmable_network_manager::::::::
	cpe:2.3:a:cisco:finesse::::::::
	cpe:2.3:a:cisco:finesse:12.6\(1\):::::::*
	cpe:2.3:a:cisco:fog_director:-:::::::*
	cpe:2.3:a:cisco:identity_services_engine::::::::
	cpe:2.3:a:cisco:identity_services_engine:2.4.0:-::::::
	cpe:2.3:a:cisco:integrated_management_controller_supervisor::::::::
	cpe:2.3:a:cisco:intersight_virtual_appliance::::::::
	cpe:2.3:a:cisco:iot_operations_dashboard:-:::::::*
	cpe:2.3:a:cisco:network_assurance_engine::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:nexus_dashboard::::::::
	cpe:2.3:a:cisco:nexus_insights::::::::
	cpe:2.3:a:cisco:optical_network_controller::::::::
	cpe:2.3:a:cisco:packaged_contact_center_enterprise::::::::
	cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\(1\):::::::*
	cpe:2.3:a:cisco:paging_server::::::::
	cpe:2.3:a:cisco:prime_service_catalog::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:smart_phy::::::::
	cpe:2.3:a:cisco:ucs_central::::::::
	cpe:2.3:a:cisco:ucs_director::::::::
cpe:2.3:a:cisco:unified_communications_manager:::::-:::*
cpe:2.3:a:cisco:unified_communications_manager:::::session_management:::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1\)::::-:::
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1\)::::session_management:::
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1\)su3:::::::*
cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service::::::::
cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\(1\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise::::::::
cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\(2\):::::::*
cpe:2.3:a:cisco:unified_contact_center_express::::::::
cpe:2.3:a:cisco:unified_customer_voice_portal::::::::
cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:::::::*
cpe:2.3:a:cisco:unified_intelligence_center::::::::
cpe:2.3:a:cisco:unity_connection::::::::
cpe:2.3:a:cisco:video_surveillance_operations_manager::::::::
cpe:2.3:a:cisco:virtual_topology_system::::::::
cpe:2.3:a:cisco:virtualized_infrastructure_manager::::::::
cpe:2.3:a:cisco:virtualized_infrastructure_manager::::::::
cpe:2.3:a:cisco:virtualized_voice_browser::::::::
cpe:2.3:a:cisco:wan_automation_engine::::::::
cpe:2.3:a:cisco:webex_meetings_server::::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:-::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:::::*
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3::::::
cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4::::::
cpe:2.3:a:cisco:webex_meetings_server:4.0:-::::::
cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1::::::
cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2::::::
cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3::::::
cpe:2.3:a:cisco:workload_optimization_manager::::::::
cpe:2.3:o:cisco:unified_sip_proxy::::::::
cpe:2.3:o:cisco:unified_workforce_optimization::::::::

Configuration 15 [-]

AND

OR	cpe:2.3:h:cisco:firepower_1010:-:::::::*
	cpe:2.3:h:cisco:firepower_1120:-:::::::*
	cpe:2.3:h:cisco:firepower_1140:-:::::::*
	cpe:2.3:h:cisco:firepower_1150:-:::::::*
	cpe:2.3:h:cisco:firepower_2110:-:::::::*
	cpe:2.3:h:cisco:firepower_2120:-:::::::*
	cpe:2.3:h:cisco:firepower_2130:-:::::::*
	cpe:2.3:h:cisco:firepower_2140:-:::::::*
	cpe:2.3:h:cisco:firepower_4110:-:::::::*
	cpe:2.3:h:cisco:firepower_4112:-:::::::*
	cpe:2.3:h:cisco:firepower_4115:-:::::::*
	cpe:2.3:h:cisco:firepower_4120:-:::::::*
	cpe:2.3:h:cisco:firepower_4125:-:::::::*
	cpe:2.3:h:cisco:firepower_4140:-:::::::*
	cpe:2.3:h:cisco:firepower_4145:-:::::::*
	cpe:2.3:h:cisco:firepower_4150:-:::::::*
	cpe:2.3:h:cisco:firepower_9300:-:::::::*

OR	cpe:2.3:o:cisco:fxos:6.2.3:::::::*
	cpe:2.3:o:cisco:fxos:6.3.0:::::::*
	cpe:2.3:o:cisco:fxos:6.4.0:::::::*
	cpe:2.3:o:cisco:fxos:6.5.0:::::::*
	cpe:2.3:o:cisco:fxos:6.6.0:::::::*
	cpe:2.3:o:cisco:fxos:6.7.0:::::::*
	cpe:2.3:o:cisco:fxos:7.0.0:::::::*
	cpe:2.3:o:cisco:fxos:7.1.0:::::::*

Configuration 16 [-]

OR	cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:::::::*
	cpe:2.3:a:cisco:broadworks:-:::::::*
	cpe:2.3:a:cisco:cloudcenter_suite:4.10.0.15:::::::*
	cpe:2.3:a:cisco:cloudcenter_suite:5.3.0:::::::*
	cpe:2.3:a:cisco:cloudcenter_suite:5.4.1:::::::*
	cpe:2.3:a:cisco:cloudcenter_suite:5.5.0:::::::*
	cpe:2.3:a:cisco:cloudcenter_suite:5.5.1:::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(000.000\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(000.001\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(000.002\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(001.000\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(001.001\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.009\(001.002\):::::::*
	cpe:2.3:a:cisco:common_services_platform_collector:002.010\(000.000\):::::::*
	cpe:2.3:a:cisco:crosswork_network_automation:-:::::::*
	cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:::::::*
	cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:::::::*
	cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:::::::*
	cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:::::::*
	cpe:2.3:a:cisco:cx_cloud_agent:001.012:::::::*
	cpe:2.3:a:cisco:cyber_vision:4.0.2:::::::*
	cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:::::::*
	cpe:2.3:a:cisco:dna_center:2.2.2.8:::::::*
	cpe:2.3:a:cisco:dna_spaces:-:::::::*
	cpe:2.3:a:cisco:dna_spaces_connector:-:::::::*
	cpe:2.3:a:cisco:emergency_responder:11.5:::::::*
	cpe:2.3:a:cisco:emergency_responder:11.5\(4.65000.14\):::::::*
	cpe:2.3:a:cisco:emergency_responder:11.5\(4.66000.14\):::::::*
	cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\(1\):::::::*
	cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\(1\):::::::*
	cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\(1\):::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:::::::*
	cpe:2.3:a:cisco:finesse:12.5\(1\):su1::::::
	cpe:2.3:a:cisco:finesse:12.5\(1\):su2::::::
	cpe:2.3:a:cisco:finesse:12.6\(1\):-::::::
	cpe:2.3:a:cisco:finesse:12.6\(1\):es01::::::
	cpe:2.3:a:cisco:finesse:12.6\(1\):es02::::::
	cpe:2.3:a:cisco:finesse:12.6\(1\):es03::::::
	cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:::::::*
	cpe:2.3:a:cisco:identity_services_engine:002.004\(000.914\):-::::::
	cpe:2.3:a:cisco:identity_services_engine:002.006\(000.156\):-::::::
	cpe:2.3:a:cisco:identity_services_engine:002.007\(000.356\):-::::::
	cpe:2.3:a:cisco:identity_services_engine:003.000\(000.458\):-::::::
	cpe:2.3:a:cisco:identity_services_engine:003.001\(000.518\):-::::::
	cpe:2.3:a:cisco:identity_services_engine:003.002\(000.116\):-::::::
	cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\(002.000\):::::::*
	cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:::::::*
	cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:::::::*
	cpe:2.3:a:cisco:mobility_services_engine:-:::::::*
	cpe:2.3:a:cisco:network_assurance_engine:6.0\(2.1912\):::::::*
	cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\(1\):::::::*
	cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\(1\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\(1\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\(1\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\(1\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\(1\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\(2\):::::::*
cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\(3\):::::::*
cpe:2.3:a:cisco:network_insights_for_data_center:6.0\(2.1914\):::::::*
cpe:2.3:a:cisco:network_services_orchestrator:-:::::::*
cpe:2.3:a:cisco:optical_network_controller:1.1:::::::*
cpe:2.3:a:cisco:paging_server:8.3\(1\):::::::*
cpe:2.3:a:cisco:paging_server:8.4\(1\):::::::*
cpe:2.3:a:cisco:paging_server:8.5\(1\):::::::*
cpe:2.3:a:cisco:paging_server:9.0\(1\):::::::*
cpe:2.3:a:cisco:paging_server:9.0\(2\):::::::*
cpe:2.3:a:cisco:paging_server:9.1\(1\):::::::*
cpe:2.3:a:cisco:paging_server:12.5\(2\):::::::*
cpe:2.3:a:cisco:paging_server:14.0\(1\):::::::*
cpe:2.3:a:cisco:prime_service_catalog:12.1:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.3:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.4:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.5:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.6:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.7:::::::*
cpe:2.3:a:cisco:sd-wan_vmanage:20.8:::::::*
cpe:2.3:a:cisco:smart_phy:3.1.2:::::::*
cpe:2.3:a:cisco:smart_phy:3.1.3:::::::*
cpe:2.3:a:cisco:smart_phy:3.1.4:::::::*
cpe:2.3:a:cisco:smart_phy:3.1.5:::::::*
cpe:2.3:a:cisco:smart_phy:3.2.1:::::::*
cpe:2.3:a:cisco:smart_phy:21.3:::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0:::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1a\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1b\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1c\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1d\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1e\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1f\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1g\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1h\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1k\):::::::*
cpe:2.3:a:cisco:ucs_central_software:2.0\(1l\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.17900.52\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.18119.2\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.18900.97\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.21900.40\):::::::*
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.22900.28\):::::::*
cpe:2.3:a:cisco:unified_communications_manager_im_\&_presence_service:11.5\(1\):::::::*
cpe:2.3:a:cisco:unified_communications_manager_im_\&_presence_service:11.5\(1.22900.6\):::::::*
cpe:2.3:a:cisco:unified_computing_system:006.008\(001.000\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\(2\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\(1\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\(1\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\(1\):::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\(2\):::::::*
cpe:2.3:a:cisco:unified_contact_center_express:12.5\(1\):-::::::
cpe:2.3:a:cisco:unified_contact_center_express:12.5\(1\):su1::::::
cpe:2.3:a:cisco:unified_contact_center_express:12.6\(1\):::::::*
cpe:2.3:a:cisco:unified_contact_center_express:12.6\(2\):::::::*
cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\(1\):::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\(1\):::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\(1\):::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\(1\):::::::*
cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\(1\):::::::*
cpe:2.3:a:cisco:unified_intelligence_center:12.6\(1\):-::::::
cpe:2.3:a:cisco:unified_intelligence_center:12.6\(1\):es01::::::
cpe:2.3:a:cisco:unified_intelligence_center:12.6\(1\):es02::::::
cpe:2.3:a:cisco:unified_intelligence_center:12.6\(2\):-::::::
cpe:2.3:a:cisco:unified_sip_proxy:010.000\(000\):::::::*
cpe:2.3:a:cisco:unified_sip_proxy:010.000\(001\):::::::*
cpe:2.3:a:cisco:unified_sip_proxy:010.002\(000\):::::::*
cpe:2.3:a:cisco:unified_sip_proxy:010.002\(001\):::::::*
cpe:2.3:a:cisco:unified_workforce_optimization:11.5\(1\):sr7::::::
cpe:2.3:a:cisco:unity_connection:11.5:::::::*
cpe:2.3:a:cisco:unity_connection:11.5\(1.10000.6\):::::::*
cpe:2.3:a:cisco:video_surveillance_manager:7.14\(1.26\):::::::*
cpe:2.3:a:cisco:video_surveillance_manager:7.14\(2.26\):::::::*
cpe:2.3:a:cisco:video_surveillance_manager:7.14\(3.025\):::::::*
cpe:2.3:a:cisco:video_surveillance_manager:7.14\(4.018\):::::::*
cpe:2.3:a:cisco:virtual_topology_system:2.6.6:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.1.3:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.2.1:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.2.2:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.2.3:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.3:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.4:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.5:::::::*
cpe:2.3:a:cisco:wan_automation_engine:7.6:::::::*
cpe:2.3:a:cisco:webex_meetings_server:3.0:::::::*
cpe:2.3:a:cisco:webex_meetings_server:4.0:::::::*

Configuration 17 [-]

OR	cpe:2.3:a:snowsoftware:snow_commander::::::::
	cpe:2.3:a:snowsoftware:vm_access_proxy::::::::

Configuration 18 [-]

OR	cpe:2.3:a:bentley:synchro:::::pro:::*
	cpe:2.3:a:bentley:synchro_4d:::::pro:::*

Configuration 19 [-]

cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*

Configuration 20 [-]

cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
EAP 7.4 log4j async
log4j-core	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2021:5140	2021-12-15T00:00:00Z
OpenShift Logging 5.0
openshift-logging/elasticsearch6-rhel8:v5.0.10-1	cpe:/a:redhat:logging:5.0::el8	RHSA-2021:5137	2021-12-14T00:00:00Z
OpenShift Logging 5.1
openshift-logging/elasticsearch6-rhel8:v6.8.1-67	cpe:/a:redhat:logging:5.1::el8	RHSA-2021:5128	2021-12-14T00:00:00Z
OpenShift Logging 5.2
openshift-logging/elasticsearch6-rhel8:v6.8.1-66	cpe:/a:redhat:logging:5.2::el8	RHSA-2021:5127	2021-12-14T00:00:00Z
OpenShift Logging 5.3
openshift-logging/elasticsearch6-rhel8:v6.8.1-65	cpe:/a:redhat:logging:5.3::el8	RHSA-2021:5129	2021-12-14T00:00:00Z
Red Hat AMQ Streams 1.6.5
log4j-core	cpe:/a:redhat:amq_streams:1	RHSA-2021:5133	2021-12-14T00:00:00Z
Red Hat AMQ Streams 1.8.4
log4j-core	cpe:/a:redhat:amq_streams:1	RHSA-2021:5138	2021-12-14T00:00:00Z
Red Hat Data Grid 8.2.2
log4j-core	cpe:/a:redhat:jboss_data_grid:8.2	RHSA-2021:5132	2021-12-14T00:00:00Z
Red Hat Fuse 7.10
log4j-core	cpe:/a:redhat:jboss_fuse:7	RHSA-2021:5134	2021-12-14T00:00:00Z
Red Hat Fuse 7.8.2, 7.9.1, 7.10.1
log4j-core	cpe:/a:redhat:jboss_fuse:7	RHSA-2022:0203	2022-01-20T00:00:00Z
Red Hat Integration
log4j-core	cpe:/a:redhat:integration:1	RHSA-2021:5130	2021-12-14T00:00:00Z
Red Hat Integration Camel Quarkus 1
log4j-core	cpe:/a:redhat:camel_quarkus:2.2	RHSA-2021:5126	2021-12-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7
eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:1746	2025-02-24T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7
eap7-hal-console-0:3.2.17-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-annotations-0:2.10.4-2.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-core-0:2.10.4-2.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-databind-0:2.10.4-4.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.10.4-2.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-modules-base-0:2.10.4-4.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jackson-modules-java8-0:2.10.4-2.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-jettison-0:1.5.2-2.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-netty-0:4.1.63-4.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-resteasy-0:3.11.6-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
eap7-wildfly-0:7.3.12-3.GA_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:1747	2025-02-24T00:00:00Z
Red Hat OpenShift Container Platform 3.11
openshift3/ose-logging-elasticsearch5:v3.11.570-2.gd119820	cpe:/a:redhat:openshift:3.11::el7	RHSA-2021:5094	2021-12-14T00:00:00Z
Red Hat OpenShift Container Platform 4.6
openshift4/ose-logging-elasticsearch6:v4.6.0-202112132021.p0.g2a13a81.assembly.stream	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:5106	2021-12-16T00:00:00Z
openshift4/ose-metering-hive:v4.6.0-202112140546.p0.g8b9da97.assembly.stream	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:5106	2021-12-16T00:00:00Z
openshift4/ose-metering-presto:v4.6.0-202112150545.p0.g190688a.assembly.art3595	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:5141	2021-12-16T00:00:00Z
Red Hat OpenShift Container Platform 4.7
openshift4/ose-metering-hive:v4.7.0-202112140553.p0.g091bb99.assembly.stream	cpe:/a:redhat:openshift:4.7::el8	RHSA-2021:5107	2021-12-16T00:00:00Z
openshift4/ose-metering-presto:v4.7.0-202112150631.p0.gd502108.assembly.4.7.40	cpe:/a:redhat:openshift:4.7::el8	RHSA-2021:5107	2021-12-16T00:00:00Z
Red Hat OpenShift Container Platform 4.8
openshift4/ose-metering-hive:v4.8.0-202112132154.p0.g57dd03a.assembly.stream	cpe:/a:redhat:openshift:4.8::el8	RHSA-2021:5108	2021-12-14T00:00:00Z
openshift4/ose-metering-presto:v4.8.0-202112150431.p0.g4b934ae.assembly.art3599	cpe:/a:redhat:openshift:4.8::el8	RHSA-2021:5148	2021-12-15T00:00:00Z
RHPAM 7.11.1
	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.11	RHSA-2022:0082	2022-01-11T00:00:00Z
RHPAM 7.12.0
log4j-core	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.12	RHSA-2022:0296	2022-01-26T00:00:00Z
Vert.x 4.1.5 SP1
log4j-core	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2021:5093	2021-12-14T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-2842-1	apache-log4j2 security update
Debian DSA	DSA-5020-1	apache-log4j2 security update
Debian DSA	DSA-5022-1	apache-log4j2 security update
Github GHSA	GHSA-jfh8-c2jp-5v3q	Remote code injection in Log4j
Ubuntu USN	USN-5192-1	Apache Log4j 2 vulnerability
Ubuntu USN	USN-5192-2	Apache Log4j 2 vulnerability
Ubuntu USN	USN-5197-1	Apache Log4j 2 vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html
http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html
http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html
http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html
http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html
http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html
http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html
http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2022/Dec/2
http://seclists.org/fulldisclosure/2022/Jul/11
http://seclists.org/fulldisclosure/2022/Mar/23
http://www.openwall.com/lists/oss-security/2021/12/10/1
http://www.openwall.com/lists/oss-security/2021/12/10/2
http://www.openwall.com/lists/oss-security/2021/12/10/3
http://www.openwall.com/lists/oss-security/2021/12/13/1
http://www.openwall.com/lists/oss-security/2021/12/13/2
http://www.openwall.com/lists/oss-security/2021/12/14/4
http://www.openwall.com/lists/oss-security/2021/12/15/3
https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
https://github.com/cisagov/log4j-affected-db
https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228
https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/
https://logging.apache.org/log4j/2.x/security.html
https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
https://security.netapp.com/advisory/ntap-20211210-0007/
https://support.apple.com/kb/HT213189
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
https://twitter.com/kurtseifried/status/1469345530182455296
https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228
https://www.cve.org/CVERecord?id=CVE-2021-44228
https://www.debian.org/security/2021/dsa-5020
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html
https://www.kb.cert.org/vuls/id/930724
https://www.lunasec.io/docs/blog/log4j-zero-day/
https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html
https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html

History

Fri, 20 Feb 2026 16:30:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:cisco:cloudcenter_suite:4.10\(0.15\):::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.3\(0\):::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.4\(1\):::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.5\(0\):::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.5\(1\):::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:::::::* cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:::::::*	cpe:2.3:a:cisco:cloudcenter_suite:4.10.0.15:::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.3.0:::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.4.1:::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.5.0:::::::* cpe:2.3:a:cisco:cloudcenter_suite:5.5.1:::::::*
Vendors & Products	Cisco connected Analytics For Network Deployment

Wed, 22 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228

Tue, 21 Oct 2025 20:30:00 +0000

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228

Tue, 21 Oct 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228

Fri, 08 Aug 2025 19:00:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:o:cisco:unified_intelligence_center::::::::	cpe:2.3:a:cisco:unified_intelligence_center::::::::

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.94358}`	epss `{'score': 0.9447}`

Thu, 03 Apr 2025 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Intel datacenter Manager Netapp brocade San Navigator Netapp solidfire \& Hci Storage Node Netapp solidfire Enterprise Sds Siemens 6bk1602-0aa12-0tp0 Siemens 6bk1602-0aa12-0tp0 Firmware Siemens 6bk1602-0aa22-0tp0 Siemens 6bk1602-0aa22-0tp0 Firmware Siemens 6bk1602-0aa32-0tp0 Siemens 6bk1602-0aa32-0tp0 Firmware Siemens 6bk1602-0aa42-0tp0 Siemens 6bk1602-0aa42-0tp0 Firmware Siemens 6bk1602-0aa52-0tp0 Siemens 6bk1602-0aa52-0tp0 Firmware Siemens capital
CPEs	cpe:2.3:a:intel:audio_development_kit:-:::::::* cpe:2.3:a:intel:data_center_manager:::::::: cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:::::::* cpe:2.3:a:intel:system_debugger:-:::::::* cpe:2.3:a:siemens:captial:::::::: cpe:2.3:a:siemens:captial:2019.1:-:::::: cpe:2.3:a:siemens:captial:2019.1:sp1912:::::: cpe:2.3:a:siemens:energyip_prepay:3.7:::::::* cpe:2.3:a:siemens:energyip_prepay:3.8:::::::* cpe:2.3:a:siemens:siguard_dsa:4.2:::::::* cpe:2.3:a:siemens:siguard_dsa:4.3:::::::* cpe:2.3:a:siemens:siguard_dsa:4.4:::::::*	cpe:2.3:a:intel:datacenter_manager:::::::: cpe:2.3:a:netapp:brocade_san_navigator:-:::::::* cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:::::::* cpe:2.3:a:netapp:solidfire_enterprise_sds:-:::::::* cpe:2.3:a:siemens:capital:::::::: cpe:2.3:a:siemens:capital:2019.1:-:::::: cpe:2.3:a:siemens:capital:2019.1:sp1912:::::: cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:::::::* cpe:2.3:a:siemens:energyip_prepay:::::::: cpe:2.3:a:siemens:siguard_dsa:::::::: cpe:2.3:a:siemens:vesys:2020.1:-:::::: cpe:2.3:a:siemens:vesys:2021.1:-:::::: cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:::::::* cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:::::::* cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:::::::* cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:::::::* cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:::::::* cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:::::::: cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:::::::: cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:::::::: cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:::::::: cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware::::::::
Vendors & Products	Intel audio Development Kit Intel data Center Manager Intel sensor Solution Firmware Development Kit Intel system Debugger Siemens captial	Intel datacenter Manager Netapp brocade San Navigator Netapp solidfire \& Hci Storage Node Netapp solidfire Enterprise Sds Siemens 6bk1602-0aa12-0tp0 Siemens 6bk1602-0aa12-0tp0 Firmware Siemens 6bk1602-0aa22-0tp0 Siemens 6bk1602-0aa22-0tp0 Firmware Siemens 6bk1602-0aa32-0tp0 Siemens 6bk1602-0aa32-0tp0 Firmware Siemens 6bk1602-0aa42-0tp0 Siemens 6bk1602-0aa42-0tp0 Firmware Siemens 6bk1602-0aa52-0tp0 Siemens 6bk1602-0aa52-0tp0 Firmware Siemens capital

Tue, 25 Feb 2025 02:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat jboss Enterprise Application Platform Eus
CPEs		cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Vendors & Products		Redhat jboss Enterprise Application Platform Eus

Tue, 04 Feb 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2021-12-10'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 14 Aug 2024 00:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-12-10T00:00:00.000Z

Updated: 2025-10-21T23:25:23.121Z

Reserved: 2021-11-26T00:00:00.000Z

Link: CVE-2021-44228

Vulnrichment

Updated: 2024-08-04T04:17:24.696Z

NVD

Status : Analyzed

Published: 2021-12-10T10:15:09.143

Modified: 2026-02-20T16:15:59.363

Link: CVE-2021-44228

Redhat

Severity : Critical

Publid Date: 2021-12-10T02:01:00Z

Links: CVE-2021-44228 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object