Lucene search
F5F5:K23173103HistoryJan 31, 2018 - 12:00 a.m.
K23173103 : log4j vulnerability CVE-2017-5645
2018-01-3100:00:00
my.f5.com
275
Security Advisory Description
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. (CVE-2017-5645)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 11.6.2 | |
| big-ip afm | eq | 11.6.3 | |
| big-ip afm | eq | 12.0.0 | |
| big-ip afm | eq | 12.1.0 |
Related
checkpoint_advisories
checkpoint_advisories
Apache Log4j Remote Code Execution (CVE-2017-5645)
2022-01-02 00:00:00
openvas
openvas
Fedora Update for log4j12 FEDORA-2017-8348115acd
2017-06-13 00:00:00
RedHat Update for log4j RHSA-2017:2423-01
2017-08-08 00:00:00
Huawei EulerOS: Security Advisory for log4j (EulerOS-SA-2017-1214)
2020-01-23 00:00:00
nvd
nvd
CVE-2017-5645
2017-04-17 21:59:00
cvelist
cvelist
CVE-2017-5645
2017-04-17 21:00:00
cve
cve
CVE-2017-5645
2017-04-17 21:59:00
redhat
redhat
osv
osv
CVE-2017-5645
2017-04-17 21:59:00
Deserialization of Untrusted Data in Log4j
2020-01-06 18:43:38
fedora
fedora
[SECURITY] Fedora 26 Update: log4j-2.7-4.fc26
2017-05-02 15:59:49
[SECURITY] Fedora 24 Update: log4j12-1.2.17-19.fc24
2017-06-12 19:29:11
[SECURITY] Fedora 24 Update: log4j-2.5-3.fc24
2017-05-04 18:26:42
nessus
nessus
Fedora 25 : log4j12 (2017-8348115acd)
2017-06-13 00:00:00
Fedora 24 : log4j12 (2017-7e0ff7f73a)
2017-06-13 00:00:00
Scientific Linux Security Update : log4j on SL7.x (noarch) (20170807)
2017-08-22 00:00:00
ubuntucve
ubuntucve
CVE-2017-5645
2017-04-17 00:00:00
github
github
Deserialization of Untrusted Data in Log4j
2020-01-06 18:43:38
debiancve
debiancve
CVE-2017-5645
2017-04-17 21:59:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:17:41
Remote Code Execution (RCE)
2017-04-18 01:36:45
oraclelinux
oraclelinux
log4j security update
2017-08-09 00:00:00
log4j security update
2022-05-23 00:00:00
seebug
seebug
Apache Log4j socket receiver deserialization vulnerability (CVE-2017-5645)
2017-04-18 00:00:00
symantec
symantec
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2017-04-17 00:00:00
myhack58
myhack58
prion
prion
Code injection
2017-04-17 21:59:00
redhatcve
redhatcve
CVE-2017-5645
2019-10-10 10:12:57
CVE-2019-17571
2020-04-05 23:06:12
centos
centos
log4j security update
2017-08-31 18:57:53
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Log4J
2019-12-25 16:46:11
amazon
amazon
Important: log4j
2022-01-18 20:15:00
Medium: log4j
2022-01-18 21:37:00
attackerkb
attackerkb
CVE-2019-17571
2019-12-20 00:00:00
ibm
ibm
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08
oracle
oracle
Oracle Critical Patch Update - April 2018
2018-04-17 00:00:00
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00