What is the severity of CVE-2024-12801?

CVE-2024-12801 has been assessed as a critical vulnerability due to its potential to allow Server-Side Request Forgery (SSRF) attacks.

How do I fix CVE-2024-12801?

To fix CVE-2024-12801, upgrade the logback-core package to version 1.3.15 or to any version from 1.5.13 and above.

Which versions of logback are affected by CVE-2024-12801?

CVE-2024-12801 affects logback-core versions from 0.1 up to 1.3.14 and from 1.4.0 up to 1.5.12.

What type of vulnerability is CVE-2024-12801?

CVE-2024-12801 is classified as a Server-Side Request Forgery (SSRF) vulnerability.

Can exploiting CVE-2024-12801 lead to data breaches?

Yes, exploiting CVE-2024-12801 can potentially lead to data breaches by allowing attackers to execute unauthorized requests.

Vulnerability/
CVE-2024-12801

low

2.4

CWE

918

19/12/2024

2/5/2025

CVE-2024-12801: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

First published: Thu Dec 19 2024(Updated: )

Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, allows an attacker to forge requests by compromising logback configuration files in XML. The attacks involves the modification of DOCTYPE declaration in XML configuration files.

Credit: vulnerability@ncsc.ch vulnerability@ncsc.ch

Affected Software	Affected Version	How to fix
maven/ch.qos.logback:logback-core	<1.3.15	1.3.15
maven/ch.qos.logback:logback-core	>=1.4.0<1.5.13	1.5.13

Remedy

Update to logback version 1.5.13 or later. If you are using the 1.3.x series, update to logback version 1.3.15 or later. Note that the 1.4.x series remains vulnerable.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7232197

Frequently Asked Questions

What is the severity of CVE-2024-12801?
CVE-2024-12801 has been assessed as a critical vulnerability due to its potential to allow Server-Side Request Forgery (SSRF) attacks.
How do I fix CVE-2024-12801?
To fix CVE-2024-12801, upgrade the logback-core package to version 1.3.15 or to any version from 1.5.13 and above.
Which versions of logback are affected by CVE-2024-12801?
CVE-2024-12801 affects logback-core versions from 0.1 up to 1.3.14 and from 1.4.0 up to 1.5.12.
What type of vulnerability is CVE-2024-12801?
CVE-2024-12801 is classified as a Server-Side Request Forgery (SSRF) vulnerability.
Can exploiting CVE-2024-12801 lead to data breaches?
Yes, exploiting CVE-2024-12801 can potentially lead to data breaches by allowing attackers to execute unauthorized requests.

agent/weakness
agent/title
agent/first-publish-date
agent/type
agent/severity
agent/author
agent/trending
collector/mitre-cve
source/MITRE
agent/remedy
agent/references
agent/event
collector/nvd-api
source/NVD
collector/github-advisory-latest
source/GitHub
alias/GHSA-6v67-2wr5-gvf4
alias/CVE-2024-12801
agent/software-canonical-lookup
agent/last-modified-date
agent/softwarecombine
collector/nvd-cve
agent/description
collector/github-advisory
agent/source
agent/tags
collector/ibm-support
source/IBM
package-manager/maven

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.