Kaspersky Threats

Detect date

?

12/18/2021

Severity

?

High

Description

Denial of service vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to cause denial of service.

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products

Apache Log4j 2.0-beta9 before 2.3.1, 2.4.0 before 2.12.3, 2.13.0 before 2.17.0
Abbott GLP Track System
Akamai Siem Integration Connector
BCT e-Invoice
BMC Helix Platform
Barco OpSpace
BioJava Java library for processing biological data
Bosch Rexroth Bosch IoT gateway
Broadcom Symantec Advanced Authentication
CIS CAT Lite
CIS CAT Pro Assessor v3 Full and Dissolvable
CIS CAT Pro Assessor v4
CIS CSAT Pro
Dell APEX Console
Dell APEX Data Storage Services
Dell Cloud IQ
Dell Connectrix (Cisco MDS DCNM)
Dell Connectrix B-Series SANnav
Dell Data Domain OS
Dell EMC Avamar
Dell EMC BSN Controller Node
Dell EMC Cloud Disaster Recovery
Dell EMC Data Protection Central
Dell EMC Data Protection Search
Dell EMC ECS
Dell EMC Enterprise Storage Analytics for vRealize Operations
Dell EMC Integrated System for Azure Stack HCI
Dell EMC Integrated System for Microsoft Azure Stack Hub
Dell EMC Metro Node
Dell EMC NetWorker
Dell EMC Networking Virtual Edge Platform with VersaOS
Dell EMC OpenManage Enterprise Services
Dell EMC PowerFlex Appliance
Dell EMC PowerFlex Rack
Dell EMC PowerFlex Software (SDS)
Dell EMC PowerProtect DP Series Appliance (iDPA)
Dell EMC PowerProtect Data Manager
Dell EMC PowerStore
Dell EMC RecoverPoint
Dell EMC Ruckus SmartZone 300 Controller
Dell EMC Ruckus Virtual Software
Dell EMC SRM vApp
Dell EMC Streaming Data Platform
Dell EMC VxRail
Dell EMC XC
Dell Open Management Enterprise - Modular
Dell OpenManage Enterprise
Dell SRS Policy Manager
Dell Secure Connect Gateway (SCG) Appliance
Dell Secure Connect Gateway (SCG) Policy Manager
Dell SupportAssist Enterprise
Dell Unisphere Central
Dell VNXe 3200
Dell Vblock
Dell VxBlock
Dell Wyse Management Suite
Dell vRealize Data Protection Extension Data Management
Elastic Logstash
Elastic search
Ewon (HMS-Networks) eCatcher
FedEx Ship Manager
FileCap Server
GFI Software Kerio Connect
HPE Real Time Management System (RTMS)
Hitachi Energy FOXMAN-UN
Hitachi Energy UNEM
Hitachi Energy nMarket Global I-SEM
Kaltura Blackboard Learn SaaS in the classic Learn experience
Kaltura Blackboard Learn Self- and Managed-Hosting
NVIDIA DGX systems
NVIDIA NetQ
Nulab Backlog
Nulab Cacoo
Nulab Typetalk
Nutanix AOS (STS)
Nutanix Beam
Nutanix Calm
Nutanix Collector Portal
Nutanix Flow Security Central
Nutanix Frame
Nutanix Karbon
Nutanix Leap
Nutanix MSP
Nutanix Mine
Nutanix Objects
Nutanix Prism Central
Nutanix Sizer
Nutanix Volumes
Nutanix Witness VM
PTV Group Map&Market
PTV Group PTV Content Update Service
PTV Group PTV Developer
PTV Group PTV MaaS Modeller
PTV Group PTV Route Optimiser CL
PTV Group PTV Route Optimiser ST
PTV Group PTV Route Optimizer SaaS / Demonstrator
PTV Group PTV TLN planner internet
PTV Group PTV Visum Publisher
PTV Group PTV xServer
Palo Alto PAN-OS for Panorama
Phoenix Contact Cloud Services
QlikTech International Compose
QlikTech International Enterprise Manager
QlikTech International GeoAnalytics
QlikTech International Qlik Catalog
QlikTech International Replicate
Revenera FlexNet Publisher 64-bit License Server Manager
RuneCast Analyzer
SAP Hana Cockpit
SAP XS Advanced Runtime
Snow Software Snow Commander
Snow Software VM Access Proxy
SonicWall Email Security
SonicWall NSM On-Premise
Storage Center - Dell Storage Manager
SyncRO Soft SRL Batch Document Converter
SyncRO Soft SRL Git Client
SyncRO Soft SRL Oxygen Feedback Enterprise
SyncRO Soft SRL Oxygen License Server
SyncRO Soft SRL Oxygen PDF Chemistry
SyncRO Soft SRL Oxygen SDK
SyncRO Soft SRL Oxygen Web Author Test Server Add-on
SyncRO Soft SRL Oxygen XML Author
SyncRO Soft SRL Oxygen XML Content Fusion
SyncRO Soft SRL Oxygen XML Developer
SyncRO Soft SRL Oxygen XML Editor
SyncRO Soft SRL Oxygen XML Publishing Engine
SyncRO Soft SRL Oxygen XML Web Author
SyncRO Soft SRL Oxygen XML WebHelp
SyncRO Soft SRL Web Author PDF Plugin
SyncRO Soft SRL XSD to JSON Schema Converter
Trend Micro Deep Discovery Director
vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage

Solution

Update to the latest version

Original advisories

Fixed in Log4j 2.17.0

Impacts

?

DoS

[?]

Detect date ?	12/18/2021
Severity ?	High
Description	Denial of service vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to cause denial of service.
Exploitation	Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Affected products	Apache Log4j 2.0-beta9 before 2.3.1, 2.4.0 before 2.12.3, 2.13.0 before 2.17.0 Abbott GLP Track System Akamai Siem Integration Connector BCT e-Invoice BMC Helix Platform Barco OpSpace BioJava Java library for processing biological data Bosch Rexroth Bosch IoT gateway Broadcom Symantec Advanced Authentication CIS CAT Lite CIS CAT Pro Assessor v3 Full and Dissolvable CIS CAT Pro Assessor v4 CIS CSAT Pro Dell APEX Console Dell APEX Data Storage Services Dell Cloud IQ Dell Connectrix (Cisco MDS DCNM) Dell Connectrix B-Series SANnav Dell Data Domain OS Dell EMC Avamar Dell EMC BSN Controller Node Dell EMC Cloud Disaster Recovery Dell EMC Data Protection Central Dell EMC Data Protection Search Dell EMC ECS Dell EMC Enterprise Storage Analytics for vRealize Operations Dell EMC Integrated System for Azure Stack HCI Dell EMC Integrated System for Microsoft Azure Stack Hub Dell EMC Metro Node Dell EMC NetWorker Dell EMC Networking Virtual Edge Platform with VersaOS Dell EMC OpenManage Enterprise Services Dell EMC PowerFlex Appliance Dell EMC PowerFlex Rack Dell EMC PowerFlex Software (SDS) Dell EMC PowerProtect DP Series Appliance (iDPA) Dell EMC PowerProtect Data Manager Dell EMC PowerStore Dell EMC RecoverPoint Dell EMC Ruckus SmartZone 300 Controller Dell EMC Ruckus Virtual Software Dell EMC SRM vApp Dell EMC Streaming Data Platform Dell EMC VxRail Dell EMC XC Dell Open Management Enterprise - Modular Dell OpenManage Enterprise Dell SRS Policy Manager Dell Secure Connect Gateway (SCG) Appliance Dell Secure Connect Gateway (SCG) Policy Manager Dell SupportAssist Enterprise Dell Unisphere Central Dell VNXe 3200 Dell Vblock Dell VxBlock Dell Wyse Management Suite Dell vRealize Data Protection Extension Data Management Elastic Logstash Elastic search Ewon (HMS-Networks) eCatcher FedEx Ship Manager FileCap Server GFI Software Kerio Connect HPE Real Time Management System (RTMS) Hitachi Energy FOXMAN-UN Hitachi Energy UNEM Hitachi Energy nMarket Global I-SEM Kaltura Blackboard Learn SaaS in the classic Learn experience Kaltura Blackboard Learn Self- and Managed-Hosting NVIDIA DGX systems NVIDIA NetQ Nulab Backlog Nulab Cacoo Nulab Typetalk Nutanix AOS (STS) Nutanix Beam Nutanix Calm Nutanix Collector Portal Nutanix Flow Security Central Nutanix Frame Nutanix Karbon Nutanix Leap Nutanix MSP Nutanix Mine Nutanix Objects Nutanix Prism Central Nutanix Sizer Nutanix Volumes Nutanix Witness VM PTV Group Map&Market PTV Group PTV Content Update Service PTV Group PTV Developer PTV Group PTV MaaS Modeller PTV Group PTV Route Optimiser CL PTV Group PTV Route Optimiser ST PTV Group PTV Route Optimizer SaaS / Demonstrator PTV Group PTV TLN planner internet PTV Group PTV Visum Publisher PTV Group PTV xServer Palo Alto PAN-OS for Panorama Phoenix Contact Cloud Services QlikTech International Compose QlikTech International Enterprise Manager QlikTech International GeoAnalytics QlikTech International Qlik Catalog QlikTech International Replicate Revenera FlexNet Publisher 64-bit License Server Manager RuneCast Analyzer SAP Hana Cockpit SAP XS Advanced Runtime Snow Software Snow Commander Snow Software VM Access Proxy SonicWall Email Security SonicWall NSM On-Premise Storage Center - Dell Storage Manager SyncRO Soft SRL Batch Document Converter SyncRO Soft SRL Git Client SyncRO Soft SRL Oxygen Feedback Enterprise SyncRO Soft SRL Oxygen License Server SyncRO Soft SRL Oxygen PDF Chemistry SyncRO Soft SRL Oxygen SDK SyncRO Soft SRL Oxygen Web Author Test Server Add-on SyncRO Soft SRL Oxygen XML Author SyncRO Soft SRL Oxygen XML Content Fusion SyncRO Soft SRL Oxygen XML Developer SyncRO Soft SRL Oxygen XML Editor SyncRO Soft SRL Oxygen XML Publishing Engine SyncRO Soft SRL Oxygen XML Web Author SyncRO Soft SRL Oxygen XML WebHelp SyncRO Soft SRL Web Author PDF Plugin SyncRO Soft SRL XSD to JSON Schema Converter Trend Micro Deep Discovery Director vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage
Solution	Update to the latest version
Original advisories	Fixed in Log4j 2.17.0
Impacts ?	DoS [?]
Related products	Apache Log4j
CVE-IDS ?	CVE-2021-451054.3Warning
	Find out the statistics of the vulnerabilities spreading in your region

KLA12394DoS vulnerability in Apache Log4j

KLA12394
DoS vulnerability in Apache Log4j