Severity
High
Analysis Summary
CVE-2022-23307
Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-23305
Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2022-23302
Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using the TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
- Data Manipulation
Affected Vendors
Apache
Affected Products
- Apache Chainsaw 2.0.0
- Apache Log4j 1.2
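To find deployments that still ship the affected Log4j 1.2 code, the following added example (not part of the original advisory) scans JAR/WAR/EAR archives, including nested ones, for the Chainsaw, JDBCAppender and JMSSink classes. The class paths assume the stock Log4j 1.2.x package layout, and `build_zip` is a hypothetical helper used only to construct sample input.

```python
import io
import sys
import zipfile

# Class paths inside a Log4j 1.2 jar for the code named in each CVE above.
# Assumption: the stock org.apache.log4j package layout of Log4j 1.2.x.
RISKY = {
    "CVE-2022-23307": "org/apache/log4j/chainsaw/",
    "CVE-2022-23305": "org/apache/log4j/jdbc/JDBCAppender.class",
    "CVE-2022-23302": "org/apache/log4j/net/JMSSink.class",
}
NESTED = (".jar", ".war", ".ear")
MAX_NESTED_BYTES = 64 * 1024 * 1024  # skip oversized inner archives
MAX_DEPTH = 4                        # bound recursion into nested archives


def scan_archive(data, label, depth=0):
    """Return a sorted list of (cve, archive_label) for classes still present."""
    hits = set()
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a readable archive
    with zf:
        for info in zf.infolist():
            name = info.filename
            for cve, path in RISKY.items():
                if name.startswith(path) and name.endswith(".class"):
                    hits.add((cve, label))
            if (name.lower().endswith(NESTED) and depth < MAX_DEPTH
                    and info.file_size <= MAX_NESTED_BYTES):
                hits.update(scan_archive(zf.read(info), f"{label}!/{name}", depth + 1))
    return sorted(hits)


def build_zip(entries):
    """Build an in-memory archive from {name: bytes}; for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    # Usage: python scan.py app.war lib/*.jar
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for cve, where in scan_archive(fh.read(), path):
                print(f"{cve}\t{where}")
```

An empty result for an archive means none of the three class paths were found in it or in the nested archives it contains, within the depth and size limits.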
Remediation
Upgrade to the latest versions of Apache Log4j and Apache Chainsaw, available from the Apache web site.
Apache Log4j:
Apache Chainsaw: