CVE-2017-5645

9.8

CRITICAL

Apache Log4j Remote Code Execution Vulnerability

Description

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

INFO

Published Date :

April 17, 2017, 9:59 p.m.

Last Modified :

Nov. 7, 2023, 2:49 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9 Public PoC/Exploit Available at Github

CVE-2017-5645 has a 36 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2017-5645 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Oracle	soa_suite
2	Oracle	weblogic_server
3	Oracle	communications_webrtc_session_controller
4	Oracle	siebel_ui_framework
5	Oracle	identity_manager_connector
6	Oracle	communications_pricing_design_center
7	Oracle	application_testing_suite
8	Oracle	goldengate_application_adapters
9	Oracle	jd_edwards_enterpriseone_tools
10	Oracle	retail_predictive_application_server
11	Oracle	timesten_in-memory_database
12	Oracle	mysql_enterprise_monitor
13	Oracle	flexcube_investor_servicing
14	Oracle	fusion_middleware_mapviewer
15	Oracle	banking_platform
16	Oracle	communications_instant_messaging_server
17	Oracle	communications_interactive_session_recorder
18	Oracle	insurance_policy_administration
19	Oracle	insurance_rules_palette
20	Oracle	primavera_gateway
21	Oracle	retail_service_backbone
22	Oracle	jdeveloper
23	Oracle	instantis_enterprisetrack
24	Oracle	communications_network_integrity
25	Oracle	endeca_information_discovery_studio
26	Oracle	enterprise_manager_base_platform
27	Oracle	enterprise_manager_for_fusion_middleware
28	Oracle	financial_services_analytical_applications_infrastructure
29	Oracle	policy_automation_connector_for_siebel
30	Oracle	rapid_planning
31	Oracle	communications_messaging_server
32	Oracle	bi_publisher
33	Oracle	enterprise_data_quality
34	Oracle	retail_integration_bus
35	Oracle	financial_services_hedge_management_and_ifrs_valuations
36	Oracle	financial_services_loan_loss_forecasting_and_provisioning
37	Oracle	financial_services_profitability_management
38	Oracle	communications_converged_application_server_-_service_controller
39	Oracle	communications_service_broker
40	Oracle	financial_services_behavior_detection_platform
41	Oracle	goldengate
42	Oracle	policy_automation
43	Oracle	retail_extract_transform_and_load
44	Oracle	communications_online_mediation_controller
45	Oracle	enterprise_manager_for_mysql_database
46	Oracle	insurance_calculation_engine
47	Oracle	retail_advanced_inventory_planning
48	Oracle	retail_clearance_optimization_engine
49	Oracle	tape_library_acsls
50	Oracle	enterprise_manager_for_peoplesoft
51	Oracle	policy_automation_for_mobile_devices
52	Oracle	utilities_advanced_spatial_and_operational_analytics
53	Oracle	api_gateway
54	Oracle	autovue_vuelink_integration
55	Oracle	configuration_manager
56	Oracle	enterprise_manager_for_oracle_database
57	Oracle	financial_services_lending_and_leasing
58	Oracle	financial_services_regulatory_reporting_with_agilereporter
59	Oracle	identity_analytics
60	Oracle	identity_management_suite
61	Oracle	in-memory_performance-driven_planning
62	Oracle	peoplesoft_enterprise_fin_install
63	Oracle	retail_open_commerce_platform
64	Oracle	utilities_work_and_asset_management
1	Redhat	enterprise_linux
2	Redhat	enterprise_linux_desktop
3	Redhat	enterprise_linux_server
4	Redhat	enterprise_linux_workstation
5	Redhat	enterprise_linux_server_aus
6	Redhat	enterprise_linux_server_eus
7	Redhat	enterprise_linux_server_tus
8	Redhat	fuse
1	Netapp	oncommand_insight
2	Netapp	oncommand_workflow_automation
3	Netapp	snapcenter
4	Netapp	storage_automation_store
5	Netapp	service_level_manager
6	Netapp	oncommand_api_services
1	Apache	log4j

: Total Affected Vendor : 4 | Products : 79

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2017-5645.

URL	Resource
http://www.openwall.com/lists/oss-security/2019/12/19/2	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	Patch
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	Patch
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	Patch Third Party Advisory
http://www.securityfocus.com/bid/97702	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040200	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041294	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1417	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1801	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1802	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2423	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2633	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2635	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2636	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2637	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2638	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2808	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2809	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2810	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2811	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2888	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2889	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3244	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3399	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3400	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1545	Third Party Advisory
https://issues.apache.org/jira/browse/LOG4J2-1863	Issue Tracking Vendor Advisory
https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E
https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E
https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E
https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E
https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E
https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E
https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E
https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E
https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E
https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E
https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E
https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E
https://security.netapp.com/advisory/ntap-20180726-0002/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20181107-0002/	Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	Patch Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

XiaomingX/awesome-poc-for-red-team

None

Updated: 4 days, 4 hours ago

0 stars 2 fork 2 watcher

Born at : Nov. 17, 2024, 11:53 a.m. This repo has been linked 414 different CVEs too.

rodriguezcappsec/java-vulnerabilities

repo so I can practice java secure code review

Java HTML

Updated: 5 days, 11 hours ago

0 stars 0 fork 0 watcher

Born at : Nov. 13, 2024, 5:51 p.m. This repo has been linked 10 different CVEs too.

CGCL-codes/LibHunter

None

Python Shell Batchfile

Updated: 2 months ago

0 stars 0 fork 0 watcher

Born at : Sept. 14, 2024, 5:56 a.m. This repo has been linked 89 different CVEs too.

LibHunter/LibHunter

None

Python Shell Batchfile

Updated: 5 months, 1 week ago

0 stars 0 fork 0 watcher

Born at : June 5, 2024, 8:22 a.m. This repo has been linked 89 different CVEs too.

q99266/saury-vulnhub

日积月累漏洞库

Updated: 7 months ago

0 stars 0 fork 0 watcher

Born at : April 21, 2024, 5:03 a.m. This repo has been linked 28 different CVEs too.

bakery312/Vulhub-Reproduce

None

Updated: 9 months, 3 weeks ago

0 stars 0 fork 0 watcher

Born at : Jan. 26, 2024, 10:07 a.m. This repo has been linked 161 different CVEs too.

hxysaury/saury-vulnhub

日积月累漏洞库

Updated: 4 months ago

9 stars 1 fork 1 watcher

Born at : Dec. 15, 2023, 9:20 a.m. This repo has been linked 28 different CVEs too.

CGCL-codes/PHunter

None

Java

Updated: 5 months, 4 weeks ago

7 stars 3 fork 3 watcher

Born at : May 27, 2023, 11:55 a.m. This repo has been linked 89 different CVEs too.

GhostTroops/myhktools

struts2全套Exp

struts2-exp

Java Python JavaScript Shell Batchfile VBScript Perl HTML

Updated: 7 months, 2 weeks ago

5 stars 1 fork 1 watcher

Born at : Dec. 21, 2022, 3:15 a.m. This repo has been linked 31 different CVEs too.

Anonymous-Phunter/PHunter

None

Java

Updated: 1 year, 2 months ago

3 stars 1 fork 1 watcher

Born at : Nov. 14, 2022, 2:30 a.m. This repo has been linked 89 different CVEs too.

spmonkey/spassassin

None

Updated: 8 months, 2 weeks ago

7 stars 0 fork 0 watcher

Born at : Oct. 18, 2022, 2:36 a.m. This repo has been linked 1 different CVEs too.

brunsu/woodswiki

None

HTML

Updated: 2 years, 4 months ago

0 stars 0 fork 0 watcher

Born at : Sept. 23, 2022, 1:59 p.m. This repo has been linked 43 different CVEs too.

touchmycrazyredhat/myhktools

None

Java Python JavaScript Shell Batchfile VBScript Perl HTML

Updated: 3 months, 1 week ago

0 stars 0 fork 0 watcher

Born at : Sept. 5, 2022, 2:10 p.m. This repo has been linked 31 different CVEs too.

ADP-Dynatrace/dt-appsec-powerup

Extension for Dynatrace App Sec Reporting

Python Shell

Updated: 2 years, 5 months ago

1 stars 0 fork 0 watcher

Born at : May 26, 2022, 8:18 p.m. This repo has been linked 11 different CVEs too.

Threekiii/Vulhub-Reproduce

一个Vulhub漏洞复现知识库

vulnerability exploit

Updated: 2 months, 2 weeks ago

448 stars 87 fork 87 watcher

Born at : March 3, 2022, 8:38 a.m. This repo has been linked 171 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2017-5645 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2017-5645 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Action	Type	Old Value	New Value
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E [No types assigned]
Added	Reference		Apache Software Foundation https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E [No types assigned]
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3Cdev.logging.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3Cdev.logging.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3Cannounce.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3Cdev.tika.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3Ccommits.logging.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3Cissues.activemq.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3Ccommits.doris.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3Cissues.beam.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3Cgithub.beam.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3Cgithub.beam.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3Cgithub.beam.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3Cgithub.beam.apache.org%3E
Removed	Reference	Apache Software Foundation https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3Cgithub.beam.apache.org%3E

Action	Type	Old Value	New Value
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20180726-0002/ No Types Assigned	https://security.netapp.com/advisory/ntap-20180726-0002/ Third Party Advisory
Changed	Reference Type	http://www.securitytracker.com/id/1041294 No Types Assigned	http://www.securitytracker.com/id/1041294 Third Party Advisory, VDB Entry
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html No Types Assigned	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:3244 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:3244 Third Party Advisory
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html No Types Assigned	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:3400 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:3400 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2889 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2889 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2888 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2888 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:1417 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:1417 Third Party Advisory
Changed	Reference Type	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html No Types Assigned	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch
Changed	Reference Type	http://www.securitytracker.com/id/1040200 No Types Assigned	http://www.securitytracker.com/id/1040200 Third Party Advisory, VDB Entry
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2809 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2809 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2808 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2808 Third Party Advisory
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html No Types Assigned	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Patch
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html No Types Assigned	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch
Changed	Reference Type	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html No Types Assigned	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2423 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2423 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:3399 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:3399 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2810 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2810 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2633 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2633 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2636 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2636 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2635 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2635 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2811 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2811 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:1802 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:1802 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2638 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2638 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:1801 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:1801 Third Party Advisory
Changed	Reference Type	https://access.redhat.com/errata/RHSA-2017:2637 No Types Assigned	https://access.redhat.com/errata/RHSA-2017:2637 Third Party Advisory
Changed	Reference Type	https://issues.apache.org/jira/browse/LOG4J2-1863 Issue Tracking	https://issues.apache.org/jira/browse/LOG4J2-1863 Issue Tracking, Vendor Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20181107-0002/ No Types Assigned	https://security.netapp.com/advisory/ntap-20181107-0002/ Third Party Advisory
Added	CPE Configuration		OR cpe:2.3:a:netapp:oncommand_api_services:-::::::: cpe:2.3:a:netapp:oncommand_insight:-::::::: cpe:2.3:a:netapp:oncommand_workflow_automation:-::::::: cpe:2.3:a:netapp:service_level_manager:-::::::: cpe:2.3:a:netapp:snapcenter:-::::::: cpe:2.3:a:netapp:storage_automation_store:-:::::::
Added	CPE Configuration		OR cpe:2.3:o:redhat:enterprise_linux:6.0::::::: cpe:2.3:o:redhat:enterprise_linux:6.7::::::: cpe:2.3:o:redhat:enterprise_linux:7.0::::::: cpe:2.3:o:redhat:enterprise_linux:7.3::::::: cpe:2.3:o:redhat:enterprise_linux:7.4::::::: cpe:2.3:o:redhat:enterprise_linux:7.5::::::: cpe:2.3:o:redhat:enterprise_linux:7.6::::::: cpe:2.3:o:redhat:enterprise_linux_desktop:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_server:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6::::::: cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6::::::: cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::
Added	CPE Configuration		OR cpe:2.3:a:oracle:api_gateway:11.1.2.4.0::::::: cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0::::::: cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1::::::: cpe:2.3:a:oracle:banking_platform:2.6.0::::::: cpe:2.3:a:oracle:banking_platform:2.6.1::::::: cpe:2.3:a:oracle:banking_platform:2.6.2::::::: cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0::::::: cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0::::::: cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0::::::: cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0::::::: cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1::::::: cpe:2.3:a:oracle:communications_messaging_server::::::::* versions up to (excluding) 8.0.2 cpe:2.3:a:oracle:communications_online_mediation_controller:6.1::::::: cpe:2.3:a:oracle:communications_pricing_design_center:11.1::::::: cpe:2.3:a:oracle:communications_pricing_design_center:12.0::::::: cpe:2.3:a:oracle:communications_service_broker:6.0::::::: cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::* versions up to (excluding) 7.2 cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2::::::: cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5::::::: cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0::::::: cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5::::::: cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0::::::: cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5::::::: cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0::::::: cpe:2.3:a:oracle:enterprise_manager_for_mysql_database::::::::* versions up to (including) 13.2.2.0.0 cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8::::::: cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2::::::: cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1::::::: cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 7.3.3.0.0 up to (including) 7.3.3.0.2 cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.0.0.0 up to (including) 8.0.7.0.0 cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1::::::: cpe:2.3:a:oracle:financial_services_behavior_detection_platform::::::::* versions from (including) 8.0.0.0.0 up to (including) 8.0.4.0.0 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5::::::: cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1::::::: cpe:2.3:a:oracle:financial_services_profitability_management::::::::* versions from (including) 8.0.0.0.0 up to (including) 8.0.7.0.0 cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4::::::: cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0::::::: cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0::::::: cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0::::::: cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0::::::: cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2::::::: cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3::::::: cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1::::::: cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8::::::: cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0::::::: cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0::::::: cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1::::::: cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1::::::: cpe:2.3:a:oracle:insurance_policy_administration:10.0::::::: cpe:2.3:a:oracle:insurance_policy_administration:10.1::::::: cpe:2.3:a:oracle:insurance_policy_administration:10.2::::::: cpe:2.3:a:oracle:insurance_policy_administration:11.0::::::: cpe:2.3:a:oracle:insurance_rules_palette:10.0::::::: cpe:2.3:a:oracle:insurance_rules_palette:10.1::::::: cpe:2.3:a:oracle:insurance_rules_palette:10.2::::::: cpe:2.3:a:oracle:insurance_rules_palette:11.0::::::: cpe:2.3:a:oracle:insurance_rules_palette:11.1::::::: cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::* versions from (including) 3.4.0.0 up to (including) 3.4.7.4297 cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::* versions from (including) 4.0.0.0 up to (including) 4.0.4.5235 cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::* versions from (including) 8.0.0.0.0 up to (including) 8.0.0.8131 cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2::::::: cpe:2.3:a:oracle:policy_automation:10.4.7::::::: cpe:2.3:a:oracle:policy_automation:12.1.0::::::: cpe:2.3:a:oracle:policy_automation:12.1.1::::::: cpe:2.3:a:oracle:policy_automation:12.2.0::::::: cpe:2.3:a:oracle:policy_automation:12.2.1::::::: cpe:2.3:a:oracle:policy_automation:12.2.2::::::: cpe:2.3:a:oracle:policy_automation:12.2.3::::::: cpe:2.3:a:oracle:policy_automation:12.2.4::::::: cpe:2.3:a:oracle:policy_automation:12.2.5::::::: cpe:2.3:a:oracle:policy_automation:12.2.6::::::: cpe:2.3:a:oracle:policy_automation:12.2.7::::::: cpe:2.3:a:oracle:policy_automation:12.2.8::::::: cpe:2.3:a:oracle:policy_automation:12.2.9::::::: cpe:2.3:a:oracle:policy_automation:12.2.10::::::: cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10::::::: cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5::::::: cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0::::::: cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1::::::: cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2::::::: cpe:2.3:a:oracle:retail_integration_bus:14.0.0::::::: cpe:2.3:a:oracle:retail_integration_bus:14.1.0::::::: cpe:2.3:a:oracle:retail_integration_bus:15.0::::::: cpe:2.3:a:oracle:retail_integration_bus:16.0::::::: cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0::::::: cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0::::::: cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1::::::: cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3::::::: cpe:2.3:a:oracle:siebel_ui_framework:18.7::::::: cpe:2.3:a:oracle:siebel_ui_framework:18.8::::::: cpe:2.3:a:oracle:siebel_ui_framework:18.9::::::: cpe:2.3:a:oracle:soa_suite:12.1.3.0.0::::::: cpe:2.3:a:oracle:soa_suite:12.2.2.0.0::::::: cpe:2.3:a:oracle:tape_library_acsls:8.4::::::: cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:::::::

Action	Type	Old Value	New Value
Added	CVSS V2		(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added	CVSS V3		AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	https://issues.apache.org/jira/browse/LOG4J2-1863 No Types Assigned	https://issues.apache.org/jira/browse/LOG4J2-1863 Issue Tracking
Changed	Reference Type	http://www.securityfocus.com/bid/97702 No Types Assigned	http://www.securityfocus.com/bid/97702 Third Party Advisory, VDB Entry
Added	CWE		CWE-502
Added	CPE Configuration		OR cpe:2.3:a:apache:log4j:2.0:alpha1::::::* cpe:2.3:a:apache:log4j:2.0:alpha2::::::* cpe:2.3:a:apache:log4j:2.0:beta1::::::* cpe:2.3:a:apache:log4j:2.0:beta2::::::* cpe:2.3:a:apache:log4j:2.0:beta3::::::* cpe:2.3:a:apache:log4j:2.0:beta4::::::* cpe:2.3:a:apache:log4j:2.0:beta5::::::* cpe:2.3:a:apache:log4j:2.0:beta6::::::* cpe:2.3:a:apache:log4j:2.0:beta7::::::* cpe:2.3:a:apache:log4j:2.0:beta8::::::* cpe:2.3:a:apache:log4j:2.0:beta9::::::* cpe:2.3:a:apache:log4j:2.0:rc1::::::* cpe:2.3:a:apache:log4j:2.0:rc2::::::* cpe:2.3:a:apache:log4j:2.0.1::::::: cpe:2.3:a:apache:log4j:2.0.2::::::: cpe:2.3:a:apache:log4j:2.1::::::: cpe:2.3:a:apache:log4j:2.2::::::: cpe:2.3:a:apache:log4j:2.3::::::: cpe:2.3:a:apache:log4j:2.4::::::: cpe:2.3:a:apache:log4j:2.4.1::::::: cpe:2.3:a:apache:log4j:2.5::::::: cpe:2.3:a:apache:log4j:2.6::::::: cpe:2.3:a:apache:log4j:2.6.1::::::: cpe:2.3:a:apache:log4j:2.6.2::::::: cpe:2.3:a:apache:log4j:2.7::::::: cpe:2.3:a:apache:log4j:2.8::::::: cpe:2.3:a:apache:log4j:2.8.1:::::::

CVE-2017-5645

Apache Log4j Remote Code Execution Vulnerability

Description

INFO

April 17, 2017, 9:59 p.m.

Nov. 7, 2023, 2:49 a.m.

Yes !

5.9

3.9

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

CVE Modified by [email protected]

Reanalysis by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CVE Modified by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

87.38 }} 5.44%