MidnightBSD

Advisories for qos

CVE-2017-5929 HIGH

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
qos logback *
redhat satellite 6.4
redhat satellite_capsule 6.4
CVE-2018-8088 HIGH

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat virtualization 4.0
redhat enterprise_linux_server_tus 7.6
qos slf4j *
oracle goldengate_application_adapters 12.3.2.1.0
redhat enterprise_linux_eus 7.6
redhat jboss_enterprise_application_platform 6.4.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 7.7
oracle goldengate_stream_analytics *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.5
qos slf4j 1.8.0
redhat enterprise_linux_server_tus 7.7
oracle utilities_framework 4.4.0.0.0
redhat enterprise_linux_server_tus 7.4
oracle utilities_framework 4.3.0.4.0
redhat enterprise_linux_server_aus 7.4
redhat virtualization_host 4.0
oracle utilities_framework 4.3.0.2.0
redhat enterprise_linux_server 7.0
oracle utilities_framework 4.2.0.3.0
redhat jboss_enterprise_application_platform 6.0.0
redhat enterprise_linux_eus 7.4
redhat jboss_enterprise_application_platform 7.1
oracle utilities_framework 4.2.0.2.0
oracle utilities_framework 4.3.0.5.0
oracle utilities_framework 4.3.0.6.0
oracle utilities_framework 4.3.0.3.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_eus 7.7
CVE-2020-9488 MEDIUM

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
oracle spatial_and_graph 12.2.0.1
oracle retail_customer_management_and_segmentation_foundation 17.0
oracle jd_edwards_world_security a9.4
oracle policy_automation *
oracle policy_automation_for_mobile_devices *
oracle spatial_and_graph 18c
oracle retail_xstore_point_of_service 19.0.2
oracle financial_services_institutional_performance_analytics 8.1.0
oracle retail_eftlink 18.0.1
oracle financial_services_institutional_performance_analytics 8.0.6
oracle retail_advanced_inventory_planning 14.1
oracle communications_offline_mediation_controller 12.0.0.3.0
oracle insurance_policy_administration_j2ee 11.0.2.25
oracle peoplesoft_enterprise_peopletools 8.57
oracle retail_bulk_data_integration 15.0.3.0
oracle policy_automation_connector_for_siebel 10.4.6
oracle retail_integration_bus 14.1
oracle retail_predictive_application_server 15.0.3.0
oracle retail_eftlink 15.0.2
oracle storagetek_acsls 8.5.1
oracle data_integrator 12.2.1.3.0
debian debian_linux 10.0
debian debian_linux 9.0
oracle retail_assortment_planning 16.0.3.0
oracle financial_services_market_risk_measurement_and_management 8.0.8
oracle utilities_framework 4.2.0.2.0
oracle retail_bulk_data_integration 16.0.3.0
oracle retail_predictive_application_server 14.1.3.0
oracle insurance_rules_palette 11.2.0.26
oracle retail_customer_management_and_segmentation_foundation 18.0
oracle insurance_insbridge_rating_and_underwriting 5.6.1.0
oracle retail_insights_cloud_service_suite 19.0
oracle communications_unified_inventory_management 7.4.0
oracle spatial_and_graph 19c
oracle retail_integration_bus 15.0
oracle financial_services_institutional_performance_analytics 8.7.0
oracle retail_order_broker_cloud_service 19.1
oracle primavera_unifier 18.8
oracle communications_unified_inventory_management 7.3.0
oracle communications_billing_and_revenue_management 7.5.0.23.0
oracle retail_xstore_point_of_service 15.0.4
oracle retail_assortment_planning 15.0.3.0
oracle flexcube_core_banking *
oracle enterprise_manager_for_peoplesoft 13.4.1.1
oracle retail_eftlink 19.0.1
oracle insurance_policy_administration_j2ee 11.1.0.15
oracle retail_integration_bus 16.0
oracle insurance_insbridge_rating_and_underwriting *
oracle financial_services_market_risk_measurement_and_management 8.0.6
oracle insurance_rules_palette 10.2.0.37
oracle insurance_policy_administration_j2ee 11.2.0.26
oracle flexcube_private_banking 12.1.0
oracle insurance_rules_palette 10.2.4.12
oracle retail_xstore_point_of_service 16.0.6
oracle retail_xstore_point_of_service 17.0.4
oracle retail_order_broker_cloud_service 18.0
apache log4j *
oracle utilities_framework 4.4.0.2.0
oracle retail_customer_management_and_segmentation_foundation 16.0
oracle peoplesoft_enterprise_peopletools 8.58
oracle data_integrator 12.2.1.4.0
oracle utilities_framework 2.2.0.0.0
oracle flexcube_core_banking 5.2.0
oracle insurance_rules_palette 11.1.0.15
oracle siebel_ui_framework *
oracle financial_services_price_creation_and_discovery 8.0.6
oracle insurance_rules_palette 11.0.2.25
oracle retail_eftlink 16.0.3
oracle insurance_policy_administration_j2ee 10.2.4.12
oracle retail_predictive_application_server 16.0.3.0
oracle retail_order_broker_cloud_service 19.2
oracle financial_services_analytical_applications_infrastructure *
oracle storagetek_tape_analytics_sw_tool 2.3.1
oracle weblogic_server 10.3.6.0.0
oracle retail_eftlink 17.0.2
oracle siebel_apps_-_marketing *
oracle communications_billing_and_revenue_management 12.0.0.3.0
oracle financial_services_market_risk_measurement_and_management 8.1.0
oracle utilities_framework *
oracle communications_eagle_ftp_table_base_retrieval 4.5
qos reload4j *
oracle retail_customer_management_and_segmentation_foundation 19.0
oracle primavera_unifier 19.12
debian debian_linux 11.0
oracle financial_services_price_creation_and_discovery 8.0.7
oracle health_sciences_information_manager 3.0.1
oracle communications_application_session_controller 3.9m0p1
oracle retail_xstore_point_of_service 18.0.3
oracle utilities_framework 4.4.0.0.0
oracle retail_order_broker_cloud_service 19.0
oracle retail_order_broker_cloud_service 19.3
oracle peoplesoft_enterprise_peopletools 8.56
oracle utilities_framework 4.2.0.3.0
oracle oracle_goldengate_application_adapters 19.1.0.0.0
oracle retail_order_broker_cloud_service 16.0
oracle financial_services_retail_customer_analytics 8.0.6
oracle communications_services_gatekeeper 7.0
oracle insurance_policy_administration_j2ee 10.2.0.37
oracle flexcube_private_banking 12.0.0
CVE-2020-9493 MEDIUM

A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
apache chainsaw *
apache log4j *
qos reload4j *
CVE-2021-42550 HIGH

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
qos logback *
netapp service_level_manager -
netapp cloud_manager -
redhat satellite 6.0
siemens sinec_nms *
netapp snap_creator_framework -
qos logback 1.3.0
CVE-2022-23302 MEDIUM

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
oracle communications_network_integrity 7.3.6
oracle e-business_suite_cloud_manager_and_cloud_backup_module 2.2.1.1.1
oracle financial_services_revenue_management_and_billing_analytics 2.8.0.0
broadcom brocade_sannav -
oracle middleware_common_libraries_and_tools 12.2.1.4.0
oracle enterprise_manager_base_platform 13.4.0.0
oracle healthcare_foundation 8.1.0
apache log4j *
oracle communications_unified_inventory_management 7.4.1
oracle tuxedo 12.2.2.0.0
oracle hyperion_infrastructure_technology *
oracle identity_management_suite 12.2.1.3.0
oracle advanced_supply_chain_planning 12.1
oracle business_intelligence 12.2.1.4.0
oracle communications_messaging_server 8.1
oracle communications_instant_messaging_server 10.0.1.5.0
oracle mysql_enterprise_monitor *
oracle business_intelligence 5.9.0.0.0
oracle hyperion_data_relationship_management *
oracle e-business_suite_cloud_manager_and_cloud_backup_module *
netapp snapmanager -
oracle business_process_management_suite 12.2.1.4.0
oracle weblogic_server 12.2.1.3.0
oracle communications_offline_mediation_controller 12.0.0.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.0
oracle business_intelligence 12.2.1.3.0
oracle advanced_supply_chain_planning 12.2
oracle jdeveloper 12.2.1.3.0
oracle communications_unified_inventory_management 7.4.2
oracle identity_manager_connector 11.1.1.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.1
oracle weblogic_server 14.1.1.0.0
oracle weblogic_server 12.2.1.4.0
oracle enterprise_manager_base_platform 13.5.0.0
oracle business_process_management_suite 12.2.1.3.0
oracle communications_offline_mediation_controller *
oracle communications_eagle_ftp_table_base_retrieval 4.5
qos reload4j *
oracle identity_management_suite 12.2.1.4.0
CVE-2022-23305 MEDIUM

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
oracle communications_network_integrity 7.3.6
oracle e-business_suite_cloud_manager_and_cloud_backup_module 2.2.1.1.1
oracle financial_services_revenue_management_and_billing_analytics 2.8.0.0
broadcom brocade_sannav -
oracle middleware_common_libraries_and_tools 12.2.1.4.0
oracle enterprise_manager_base_platform 13.4.0.0
oracle healthcare_foundation 8.1.0
apache log4j *
oracle communications_unified_inventory_management 7.4.1
oracle tuxedo 12.2.2.0.0
oracle hyperion_infrastructure_technology *
oracle identity_management_suite 12.2.1.3.0
oracle advanced_supply_chain_planning 12.1
oracle business_intelligence 12.2.1.4.0
oracle communications_messaging_server 8.1
oracle communications_instant_messaging_server 10.0.1.5.0
oracle mysql_enterprise_monitor *
oracle business_intelligence 5.9.0.0.0
oracle hyperion_data_relationship_management *
oracle e-business_suite_cloud_manager_and_cloud_backup_module *
netapp snapmanager -
oracle business_process_management_suite 12.2.1.4.0
oracle weblogic_server 12.2.1.3.0
oracle communications_offline_mediation_controller 12.0.0.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.0
oracle business_intelligence 12.2.1.3.0
oracle advanced_supply_chain_planning 12.2
oracle jdeveloper 12.2.1.3.0
oracle communications_unified_inventory_management 7.4.2
oracle identity_manager_connector 11.1.1.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.1
oracle retail_extract_transform_and_load 13.2.5
oracle weblogic_server 14.1.1.0.0
oracle e-business_suite_information_discovery *
oracle weblogic_server 12.2.1.4.0
oracle enterprise_manager_base_platform 13.5.0.0
oracle business_process_management_suite 12.2.1.3.0
oracle communications_offline_mediation_controller *
oracle communications_eagle_ftp_table_base_retrieval 4.5
qos reload4j *
oracle identity_management_suite 12.2.1.4.0
CVE-2022-23307 HIGH

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
oracle communications_network_integrity 7.3.6
oracle e-business_suite_cloud_manager_and_cloud_backup_module 2.2.1.1.1
oracle financial_services_revenue_management_and_billing_analytics 2.8.0.0
oracle middleware_common_libraries_and_tools 12.2.1.4.0
oracle enterprise_manager_base_platform 13.4.0.0
oracle healthcare_foundation 8.1.0
apache log4j *
oracle communications_unified_inventory_management 7.4.1
oracle tuxedo 12.2.2.0.0
oracle hyperion_infrastructure_technology *
oracle identity_management_suite 12.2.1.3.0
oracle advanced_supply_chain_planning 12.1
oracle business_intelligence 12.2.1.4.0
oracle communications_messaging_server 8.1
oracle communications_instant_messaging_server 10.0.1.5.0
oracle mysql_enterprise_monitor *
oracle business_intelligence 5.9.0.0.0
oracle hyperion_data_relationship_management *
oracle e-business_suite_cloud_manager_and_cloud_backup_module *
oracle business_process_management_suite 12.2.1.4.0
oracle weblogic_server 12.2.1.3.0
oracle communications_offline_mediation_controller 12.0.0.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.0
oracle business_intelligence 12.2.1.3.0
oracle advanced_supply_chain_planning 12.2
oracle jdeveloper 12.2.1.3.0
oracle communications_unified_inventory_management 7.4.2
oracle identity_manager_connector 11.1.1.5.0
oracle financial_services_revenue_management_and_billing_analytics 2.7.0.1
oracle retail_extract_transform_and_load 13.2.5
oracle weblogic_server 14.1.1.0.0
oracle weblogic_server 12.2.1.4.0
oracle enterprise_manager_base_platform 13.5.0.0
apache chainsaw *
oracle business_process_management_suite 12.2.1.3.0
oracle communications_offline_mediation_controller *
oracle communications_eagle_ftp_table_base_retrieval 4.5
qos reload4j *
oracle identity_management_suite 12.2.1.4.0
CVE-2023-6378

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@ncsc.ch 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H 2.5 4.0
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qos logback *
CVE-2023-6481

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
vulnerability@ncsc.ch 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H 2.5 4.0

Products Affected

Vendor Product Version
qos logback 1.2.12
qos logback 1.3.13
qos logback 1.4.13