KLA12407
RCE vulnerability in Apache Log4j

Updated: 01/18/2022
Detect date
?
12/14/2021
Severity
?
High
Description

Remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code.

Affected products

Apache Log4j 1.2
Bosch Rexroth Bosch IoT gateway
Hitachi Energy nMarket CAISO
Hitachi Energy nMarket Global MISO SaaS
Hitachi Energy nMarket Global SPP SaaS
Hitachi Energy nMarket NE
Hitachi Energy nMarket NY
Hitachi Energy nMarket PJM
Hitachi Energy nMarket TX
Kaltura Blackboard Learn SaaS in the classic Learn experience
Kaltura Blackboard Learn Self- and Managed-Hosting
Lecia biosystem Aperio SAM DX Server For GT 450 DX
Lecia biosystem Aperio VERSA
Lecia biosystem CEREBRO
Lecia biosystem LIS Connect
ManageEngine Desktop Central
Vyaire medical Mirth Connect

Solution

Update to the latest version

Original advisories

Fixed in Log4j 2.15.0 (Log4j 1.x mitigation)
CVE-2021-4104

Impacts
?
ACE 
[?]
Related products
Apache Log4j
CVE-IDS
?
Find out the statistics of the vulnerabilities spreading in your region