KLA12394 DoS vulnerability in Apache Log4j

Denial of service vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to cause denial of service.

Original advisories

Fixed in Log4j 2.17.0

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Apache-Log4j

CVE list

CVE-2021-45105 high

Solution

Update to the latest version

Impacts

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

• Apache Log4j 2.0-beta9 before 2.3.1, 2.4.0 before 2.12.3, 2.13.0 before 2.17.0Abbott GLP Track SystemAkamai Siem Integration ConnectorBCT e-InvoiceBMC Helix PlatformBarco OpSpaceBioJava Java library for processing biological dataBosch Rexroth Bosch IoT gatewayBroadcom Symantec Advanced AuthenticationCIS CAT LiteCIS CAT Pro Assessor v3 Full and DissolvableCIS CAT Pro Assessor v4CIS CSAT ProDell APEX ConsoleDell APEX Data Storage ServicesDell Cloud IQDell Connectrix (Cisco MDS DCNM)Dell Connectrix B-Series SANnavDell Data Domain OSDell EMC AvamarDell EMC BSN Controller NodeDell EMC Cloud Disaster RecoveryDell EMC Data Protection CentralDell EMC Data Protection SearchDell EMC ECSDell EMC Enterprise Storage Analytics for vRealize OperationsDell EMC Integrated System for Azure Stack HCIDell EMC Integrated System for Microsoft Azure Stack HubDell EMC Metro NodeDell EMC NetWorkerDell EMC Networking Virtual Edge Platform with VersaOSDell EMC OpenManage Enterprise ServicesDell EMC PowerFlex ApplianceDell EMC PowerFlex RackDell EMC PowerFlex Software (SDS)Dell EMC PowerProtect DP Series Appliance (iDPA)Dell EMC PowerProtect Data ManagerDell EMC PowerStoreDell EMC RecoverPointDell EMC Ruckus SmartZone 300 ControllerDell EMC Ruckus Virtual SoftwareDell EMC SRM vAppDell EMC Streaming Data PlatformDell EMC VxRailDell EMC XCDell Open Management Enterprise - ModularDell OpenManage EnterpriseDell SRS Policy ManagerDell Secure Connect Gateway (SCG) ApplianceDell Secure Connect Gateway (SCG) Policy ManagerDell SupportAssist EnterpriseDell Unisphere CentralDell VNXe 3200Dell VblockDell VxBlockDell Wyse Management SuiteDell vRealize Data Protection Extension Data ManagementElastic LogstashElastic searchEwon (HMS-Networks) eCatcherFedEx Ship ManagerFileCap ServerGFI Software Kerio ConnectHPE Real Time Management System (RTMS)Hitachi Energy FOXMAN-UNHitachi Energy UNEMHitachi Energy nMarket Global I-SEMKaltura Blackboard Learn SaaS in the classic Learn experienceKaltura Blackboard Learn Self- and Managed-HostingNVIDIA DGX systemsNVIDIA NetQNulab BacklogNulab CacooNulab TypetalkNutanix AOS (STS)Nutanix BeamNutanix CalmNutanix Collector PortalNutanix Flow Security CentralNutanix FrameNutanix KarbonNutanix LeapNutanix MSPNutanix MineNutanix ObjectsNutanix Prism CentralNutanix SizerNutanix VolumesNutanix Witness VMPTV Group Map&MarketPTV Group PTV Content Update ServicePTV Group PTV DeveloperPTV Group PTV MaaS ModellerPTV Group PTV Route Optimiser CLPTV Group PTV Route Optimiser STPTV Group PTV Route Optimizer SaaS / DemonstratorPTV Group PTV TLN planner internetPTV Group PTV Visum PublisherPTV Group PTV xServerPalo Alto PAN-OS for PanoramaPhoenix Contact Cloud ServicesQlikTech International ComposeQlikTech International Enterprise ManagerQlikTech International GeoAnalyticsQlikTech International Qlik CatalogQlikTech International ReplicateRevenera FlexNet Publisher 64-bit License Server ManagerRuneCast AnalyzerSAP Hana CockpitSAP XS Advanced RuntimeSnow Software Snow CommanderSnow Software VM Access ProxySonicWall Email SecuritySonicWall NSM On-PremiseStorage Center - Dell Storage ManagerSyncRO Soft SRL Batch Document ConverterSyncRO Soft SRL Git ClientSyncRO Soft SRL Oxygen Feedback EnterpriseSyncRO Soft SRL Oxygen License ServerSyncRO Soft SRL Oxygen PDF ChemistrySyncRO Soft SRL Oxygen SDKSyncRO Soft SRL Oxygen Web Author Test Server Add-onSyncRO Soft SRL Oxygen XML AuthorSyncRO Soft SRL Oxygen XML Content FusionSyncRO Soft SRL Oxygen XML DeveloperSyncRO Soft SRL Oxygen XML EditorSyncRO Soft SRL Oxygen XML Publishing EngineSyncRO Soft SRL Oxygen XML Web AuthorSyncRO Soft SRL Oxygen XML WebHelpSyncRO Soft SRL Web Author PDF PluginSyncRO Soft SRL XSD to JSON Schema ConverterTrend Micro Deep Discovery DirectorvRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage