Kaspersky Lab: KLA12391
Dec 14, 2021 - 12:00 a.m.

KLA12391 RCE vulnerability in Apache Log4j

2021-12-14 00:00:00
Kaspersky Lab
threats.kaspersky.com

CVSS2: 5.1 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
  • Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS3: 9 High

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score: 9.4 High (Confidence: High)

EPSS: 0.974 High (Percentile: 99.9%)

A remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code.

Original advisories

Apache Log4j Security Vulnerabilities

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Apache-Log4j

CVE list

CVE-2021-45046 critical

Solution

Update to the latest version

Impacts

  • ACE

Arbitrary code execution. Exploiting vulnerabilities with this impact can allow an attacker to execute any code or commands on the vulnerable machine or in the vulnerable process.

Affected Products

  • Apache Log4j 2.0-beta9 before 2.12.2, 2.13.0 before 2.16.0
  • API Portal for VMware Tanzu
  • Abbott GLP Track System
  • Akamai Siem Integration Connector
  • AppDynamics with Cisco Secure Application
  • BCT LIBER
  • BCT e-Invoice
  • BMC AMI Ops Insight
  • BMC Bladelogic Database Automation
  • BMC Helix Data Manager
  • BMC Helix ITSM
  • BMC Helix Platform
  • BMC Remedy Smart Reporting
  • BMC TrueSight Automation Console
  • Barco OpSpace
  • Beckman Coulter Information Systems
  • BioJava Java library for processing biological data
  • Bosch Rexroth Bosch IoT gateway
  • Broadcom Cloud Workload Assurance (CWA)
  • Broadcom Cloud Workload Protection (CWP)
  • Broadcom Cloud Workload Protection for Storage (CWP:S)
  • Broadcom Industrial Control System Protection (ICSP)
  • Broadcom LiveUpdate Administrator (LUA)
  • Broadcom Symantec Advanced Authentication
  • Broadcom Symantec Endpoint Detection and Response (EDR) On-premise
  • Broadcom Symantec Endpoint Protection Manager (SEPM)
  • Broadcom Symantec Privileged Access Manager (PAM)
  • CIS CAT Lite
  • CIS CAT Pro Assessor v3 Full and Dissolvable
  • CIS CAT Pro Assessor v4
  • CIS CSAT Pro
  • Cisco AppDynamics
  • Cisco Application Policy Infrastructure Controller (APIC) - Network Insights Base App
  • Cisco Automated Subsea Tuning
  • Cisco BroadWorks
  • Cisco Business Process Automation
  • Cisco CX Cloud
  • Cisco Call Studio
  • Cisco Cloud Connect
  • Cisco CloudCenter
  • Cisco Cloudlock
  • Cisco Common Services Platform Collector (CSPC)
  • Cisco Connected Mobile Experiences (CMX)
  • Cisco Contact Center Domain Manager (CCDM)
  • Cisco Contact Center Management Portal (CCMP)
  • Cisco Crosswork Data Gateway
  • Cisco Crosswork Network Controller
  • Cisco Crosswork Optimization Engine
  • Cisco Crosswork Platform Infrastructure
  • Cisco Crosswork Situation Manager
  • Cisco Crosswork Zero Touch Provisioning (ZTP)
  • Cisco Cyber Vision Sensor Management Extension
  • Cisco DNA Center
  • Cisco DNA Spaces Connector
  • Cisco Data Center Network Manager (DCNM)
  • Cisco Duo Security for Government
  • Cisco Emergency Responder
  • Cisco Enterprise Chat and Email
  • Cisco Evolved Programmable Network Manager
  • Cisco eSIM Flex
  • Citrix Endpoint Management (XenMobile Server)
  • Dell APEX Console
  • Dell APEX Data Storage Services
  • Dell Cloud IQ
  • Dell Connectrix (Cisco MDS DCNM)
  • Dell EMC BSN Controller Node
  • Dell EMC Cloud Disaster Recovery
  • Dell EMC Data Protection Central
  • Dell EMC Data Protection Search
  • Dell EMC ECS
  • Dell EMC Enterprise Storage Analytics for vRealize Operations
  • Dell EMC Integrated System for Azure Stack HCI
  • Dell EMC Integrated System for Microsoft Azure Stack Hub
  • Dell EMC NetWorker
  • Dell EMC Networking Virtual Edge Platform with VersaOS
  • Dell EMC OpenManage Enterprise Services
  • Dell EMC PowerStore
  • Dell EMC Ruckus SmartZone 300 Controller
  • Dell EMC Ruckus Virtual Software
  • Dell EMC Streaming Data Platform
  • Dell EMC XC
  • Dell Open Management Enterprise - Modular
  • Dell OpenManage Enterprise
  • Dell Secure Connect Gateway (SCG) Appliance
  • Dell Secure Connect Gateway (SCG) Policy Manager
  • Dell SupportAssist Enterprise
  • Dell Unisphere Central
  • Dell Vblock
  • Dell VxBlock
  • Dell Wyse Management Suite
  • Dell vRealize Data Protection Extension Data Management
  • Elastic Logstash
  • Elastic search
  • Ewon (HMS-Networks) eCatcher
  • FedEx Ship Manager
  • FileCap Server
  • GFI Software Kerio Connect
  • HPE Real Time Management System (RTMS)
  • Hitachi Energy Axis
  • Hitachi Energy FOXMAN-UN
  • Hitachi Energy Lumada APM On-premises
  • Hitachi Energy Lumada APM SaaS
  • Hitachi Energy Network Manager Outage Management Interface (OMI) – Third Party Oracle Database Components (Trace File Analyzer, SQL Developer, Property Graph)
  • Hitachi Energy Network Manager SCADA/EMS, Ranger and NMR Product – Third Party Oracle Database Components (Trace File Analyzer, SQL Developer, Property Graph)
  • Hitachi Energy RelCare
  • Hitachi Energy UNEM
  • Hitachi Energy e-Mesh Monitor
  • Hitachi Energy nMarket Global I-SEM
  • IBM Cognos Analytics
  • Java Melody 1.90.0
  • Kaltura Blackboard Learn SaaS in the classic Learn experience
  • Kaltura Blackboard Learn Self- and Managed-Hosting
  • NVIDIA CUDA Toolkit Nsight Eclipse Edition
  • NVIDIA CUDA Toolkit Visual Profiler
  • NVIDIA DGX systems
  • NVIDIA NetQ
  • Nulab Backlog
  • Nulab Cacoo
  • Nulab Typetalk
  • Nutanix Beam
  • Nutanix Calm
  • Nutanix Collector Portal
  • Nutanix Flow Security Central
  • Nutanix Frame
  • Nutanix Karbon Platform Service
  • Nutanix Leap
  • Nutanix Prism Central
  • Nutanix Sizer
  • PTV Group Map&Market
  • PTV Group PTV Content Update Service
  • PTV Group PTV Developer
  • PTV Group PTV MaaS Modeller
  • PTV Group PTV Route Optimiser CL
  • PTV Group PTV Route Optimiser ST
  • PTV Group PTV Route Optimizer SaaS / Demonstrator
  • PTV Group PTV TLN planner internet
  • PTV Group PTV Visum Publisher
  • PTV Group PTV xServer
  • Palo Alto PAN-OS for Panorama
  • Palo-Alto Networks Exact Data Matching CLI
  • Phoenix Contact Cloud Services
  • QlikTech International Qlik Catalog
  • RuneCast Analyzer
  • SAP Hana Cockpit
  • SAP XS Advanced Runtime
  • Schneider Electric EASYFIT
  • Schneider Electric EcoStruxure IT Expert
  • Schneider Electric EcoStruxure IT Gateway
  • Schneider Electric Ecoreal XL
  • Schneider Electric Facility Expert Small Business
  • Schneider Electric MSE
  • Schneider Electric NEW630
  • Schneider Electric NetBotz750/755
  • Schneider Electric SDK BOM
  • Schneider Electric SDK-Docgen
  • Schneider Electric SDK-TNC
  • Schneider Electric SDK-UMS
  • Schneider Electric SDK3D-2DRenderer
  • Schneider Electric SDK3D-360Widget
  • Schneider Electric SNC-API
  • Schneider Electric SNC-CMM
  • Schneider Electric SNC-SEMTECH
  • Schneider Electric SPIMV3
  • Schneider Electric SWBEditor
  • Schneider Electric SWBEngine
  • Schneider Electric Select and Config DATA
  • Schneider Electric Wiser by SE platform
  • Single Sign-On for VMware Tanzu Application Service
  • Snow Software Snow Commander
  • Snow Software VM Access Proxy
  • SonicWall Email Security
  • SonicWall NSM On-Premise
  • Spring Cloud Gateway for VMware Tanzu
  • Spring Cloud Services for VMware Tanzu
  • Storage Center - Dell Storage Manager
  • StormShield Visibility Center
  • SyncRO Soft SRL Batch Document Converter
  • SyncRO Soft SRL Git Client
  • SyncRO Soft SRL Oxygen Feedback Enterprise
  • SyncRO Soft SRL Oxygen License Server
  • SyncRO Soft SRL Oxygen PDF Chemistry
  • SyncRO Soft SRL Oxygen SDK
  • SyncRO Soft SRL Oxygen Web Author Test Server Add-on
  • SyncRO Soft SRL Oxygen XML Author
  • SyncRO Soft SRL Oxygen XML Content Fusion
  • SyncRO Soft SRL Oxygen XML Developer
  • SyncRO Soft SRL Oxygen XML Editor
  • SyncRO Soft SRL Oxygen XML Publishing Engine
  • SyncRO Soft SRL Oxygen XML Web Author
  • SyncRO Soft SRL Oxygen XML WebHelp
  • SyncRO Soft SRL Web Author PDF Plugin
  • SyncRO Soft SRL XSD to JSON Schema Converter
  • Trend Micro Deep Discovery Director
  • VMware App Metrics
  • VMware Carbon Black Cloud Workload Appliance
  • VMware Carbon Black EDR server
  • VMware Cloud Director Object Storage Extension
  • VMware Cloud Provider Lifecycle Manager
  • VMware Greenplum Text
  • VMware HCX
  • VMware Harbor Container Registry for TKGI
  • VMware Healthwatch for Tanzu Application Service
  • VMware Horizon
  • VMware Identity Manager
  • VMware Integrated OpenStack
  • VMware NSX Data Center for vSphere
  • VMware NSX-T Data Center
  • VMware NSX-T Intelligence Appliance
  • VMware SD-WAN VCO
  • VMware Site Recovery Manager, vSphere Replication
  • VMware Smart Assurance M&R
  • VMware Smart Assurance NCM
  • VMware Smart Assurance SAM [Service Assurance Manager]
  • VMware Spring Cloud Gateway for Kubernetes
  • VMware Tanzu Application Services for VMs
  • VMware Tanzu GemFire
  • VMware Tanzu Greenplum Platform Extension Framework
  • VMware Tanzu Kubernetes Grid Integrated Edition
  • VMware Tanzu Observability Proxy
  • VMware Tanzu Observability by Wavefront Nozzle
  • VMware Tanzu Operations Manager
  • VMware Tanzu Scheduler
  • VMware Telco Cloud Operations
  • VMware Unified Access Gateway (UAG)
  • VMware Workspace ONE Access
  • VMware vRealize Automation
  • VMware vRealize Business for Cloud
  • VMware vRealize Log Insight
  • VMware vRealize Network Insight
  • VMware vRealize Operations
  • VMware vRealize Orchestrator
  • vRealize Operations Tenant App for VMware Cloud Director
  • vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage
