What is the severity of REDHAT-BUG-2041949?

The severity of REDHAT-BUG-2041949 is high due to the potential for remote code execution through deserialization vulnerabilities.

How do I fix REDHAT-BUG-2041949?

To fix REDHAT-BUG-2041949, update to a supported version of Log4j that is not affected by this vulnerability.

What versions of Log4j are affected by REDHAT-BUG-2041949?

REDHAT-BUG-2041949 affects all versions of Log4j 1.x.

What should I do if I have write access to the Log4j configuration regarding REDHAT-BUG-2041949?

If you have write access to the Log4j configuration, ensure it does not reference any untrusted LDAP services to mitigate the risk of exploitation associated with REDHAT-BUG-2041949.

Are there any known exploits for REDHAT-BUG-2041949?

Yes, there are known exploitation techniques that leverage the deserialization vulnerability in REDHAT-BUG-2041949.

Vulnerability/
REDHAT-BUG-2041949

medium

18/1/2022

26/8/2024

REDHAT-BUG-2041949

First published: Tue Jan 18 2022(Updated: )

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to <a href="https://access.redhat.com/security/cve/CVE-2021-4104">CVE-2021-4104</a>. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. References: <a href="https://www.openwall.com/lists/oss-security/2022/01/18/3">https://www.openwall.com/lists/oss-security/2022/01/18/3</a>

Affected Software	Affected Version	How to fix
Apache Log4j	<=1.x

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-2041949?
The severity of REDHAT-BUG-2041949 is high due to the potential for remote code execution through deserialization vulnerabilities.
How do I fix REDHAT-BUG-2041949?
To fix REDHAT-BUG-2041949, update to a supported version of Log4j that is not affected by this vulnerability.
What versions of Log4j are affected by REDHAT-BUG-2041949?
REDHAT-BUG-2041949 affects all versions of Log4j 1.x.
What should I do if I have write access to the Log4j configuration regarding REDHAT-BUG-2041949?
If you have write access to the Log4j configuration, ensure it does not reference any untrusted LDAP services to mitigate the risk of exploitation associated with REDHAT-BUG-2041949.
Are there any known exploits for REDHAT-BUG-2041949?
Yes, there are known exploitation techniques that leverage the deserialization vulnerability in REDHAT-BUG-2041949.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-23302
agent/severity
agent/references
agent/last-modified-date
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/apache
canonical/apache log4j