Lucene search
F5F5:K61529042HistoryApr 08, 2020 - 12:00 a.m.
K61529042 : Log4j vulnerability CVE-2019-17571
2020-04-0800:00:00
my.f5.com
296
Security Advisory Description
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. (CVE-2019-17571)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
debian
debian
[SECURITY] [DLA 2065-1] apache-log4j1.2 security update
2020-01-12 22:27:19
[SECURITY] [DSA 4686-1] apache-log4j1.2 security update
2020-05-15 22:17:02
[SECURITY] [DSA 4686-1] apache-log4j1.2 security update
2020-05-15 22:17:02
nessus
nessus
Debian DLA-2065-1 : apache-log4j1.2 security update
2020-01-13 00:00:00
Ubuntu 18.04 LTS : Apache Log4j vulnerability (USN-4495-1)
2020-09-15 00:00:00
Debian DSA-4686-1 : apache-log4j1.2 - security update
2020-05-18 00:00:00
suse
suse
Security update for log4j (important)
2020-01-14 00:00:00
redhat
redhat
(RHSA-2022:5053) Important: log4j security update
2022-06-15 10:01:13
(RHSA-2017:2423) Important: log4j security update
2017-08-07 07:26:13
cloudlinux
cloudlinux
Fixed CVE-2019-17571 in log4j
2022-06-21 20:23:31
ibm
ibm
github
github
Deserialization of Untrusted Data in Log4j
2020-01-06 18:43:49
osv
osv
Deserialization of Untrusted Data in Log4j
2020-01-06 18:43:49
apache-log4j1.2 - security update
2020-05-16 00:00:00
apache-log4j1.2 - security update
2020-01-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0054-1)
2021-04-19 00:00:00
Apache Log4j 1.2.x <= 1.2.17 RCE Vulnerability - Windows
2021-12-22 00:00:00
Debian: Security Advisory (DLA-2065-1)
2020-01-13 00:00:00
nvd
nvd
CVE-2019-17571
2019-12-20 17:15:11
debiancve
debiancve
CVE-2019-17571
2019-12-20 17:15:11
veracode
veracode
Arbitrary Code Execution
2019-12-23 04:57:47
Remote Code Execution (RCE)
2017-04-18 01:36:45
ubuntucve
ubuntucve
CVE-2019-17571
2019-12-20 00:00:00
prion
prion
Deserialization of untrusted data
2019-12-20 17:15:00
cve
cve
CVE-2019-17571
2019-12-20 17:15:11
ubuntu
ubuntu
Apache Log4j vulnerability
2020-09-15 00:00:00
Apache Log4j vulnerabilities
2023-04-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Log4j Remote Code Execution (CVE-2019-17571)
2020-03-01 00:00:00
atlassian
atlassian
symantec
symantec
cvelist
cvelist
CVE-2019-17571
2019-12-20 16:01:21
redhatcve
redhatcve
CVE-2017-5645
2019-10-10 10:12:57
CVE-2019-17571
2020-04-05 23:06:12
centos
centos
log4j security update
2017-08-31 18:57:53
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Log4J
2019-12-25 16:46:11
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-13 19:14:23
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-13 07:48:49
rosalinux
rosalinux
Advisory ROSA-SA-2021-1909
2021-07-02 17:26:24
attackerkb
attackerkb
CVE-2019-17571
2019-12-20 00:00:00
amazon
amazon
Important: log4j
2022-01-18 20:15:00
Medium: log4j
2022-01-18 21:37:00
mageia
mageia
Updated davmail packages fix security vulnerability
2023-04-15 22:03:44
gentoo
gentoo
Apache Log4j: Multiple Vulnerabilities
2024-02-18 00:00:00
cert
cert
Apache Log4j allows insecure JNDI lookups
2021-12-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00