{"id": "CVE-2021-45046", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}]}, "published": "2021-12-14T19:15:07.733", "references": [{"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2021/12/18/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/", "tags": ["Mailing List", "Release Notes"], "source": "
[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/", "tags": ["Mailing List", "Release Notes"], "source": "
[email protected]"}, {"url": "https://logging.apache.org/log4j/2.x/security.html", "tags": ["Mitigation", "Release Notes", "Vendor Advisory"], "source": "
[email protected]"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://security.gentoo.org/glsa/202310-16", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "tags": ["Not Applicable"], "source": "
[email protected]"}, {"url": "https://www.debian.org/security/2021/dsa-5022", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.kb.cert.org/vuls/id/930724", "tags": ["Third Party Advisory", "US Government Resource"], "source": "
[email protected]"}, {"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2021/12/18/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/", "tags": ["Mailing List", "Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/", "tags": ["Mailing List", "Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://logging.apache.org/log4j/2.x/security.html", "tags": ["Mitigation", "Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202310-16", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2021/dsa-5022", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.kb.cert.org/vuls/id/930724", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-45046", "tags": ["US Government Resource"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-917"}]}, {"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-917"}]}], "descriptions": [{"lang": "en", "value": "It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default."}, {"lang": "es", "value": "Se descubri\u00f3 que la correcci\u00f3n para abordar CVE-2021-44228 en Apache Log4j versiones 2.15.0 estaba incompleta en ciertas configuraciones no predeterminadas. Esto podr\u00eda permitir a los atacantes con control sobre los datos de entrada de Thread Context Map (MDC) cuando la configuraci\u00f3n de registro utiliza un Pattern Layout no predeterminado con un Context Lookup (por ejemplo, $${ctx:loginId}) o un Thread Context Map pattern (%X, %mdc, o %MDC) para elaborar datos de entrada maliciosos utilizando un patr\u00f3n JNDI Lookup que resulta en una fuga de informaci\u00f3n y ejecuci\u00f3n de c\u00f3digo remoto en algunos entornos y ejecuci\u00f3n de c\u00f3digo local en todos los entornos. Log4j versiones 2.16.0 (Java 8) y 2.12.2 (Java 7) solucionan este problema eliminando el soporte para los patrones de b\u00fasqueda de mensajes y deshabilitando la funcionalidad JNDI por defecto"}], "lastModified": "2025-10-27T17:35:56.240", "cisaActionDue": "2023-05-22", "cisaExploitAdd": "2023-05-01", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "155A3CFA-903D-4DC9-9A64-C964FAABACC4", "versionEndExcluding": "2.12.2", "versionStartIncluding": "2.0.1"}, {"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88DD4847-0961-4CC4-90FC-DFCDC235F62F", "versionEndExcluding": "2.16.0", "versionStartIncluding": "2.13.0"}, {"criteria": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17854E42-7063-4A55-BF2A-4C7074CC2D60"}, {"criteria": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53F32FB2-6970-4975-8BD0-EAE12E9AD03A"}, {"criteria": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B773ED91-1D39-42E6-9C52-D02210DE1A94"}, {"criteria": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF24312D-1A62-482E-8078-7EC24758B710"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99BBE644-5421-472E-8595-5279E0CC67B1"}, {"criteria": "cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099344DD-8AEE-49A0-88A8-691A8A1E651F"}, {"criteria": "cpe:2.3:a:intel:datacenter_manager:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "070C1452-C349-4953-A748-3039F2217811"}, {"criteria": "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18989EBC-E1FB-473B-83E0-48C8896C2E96"}, {"criteria": "cpe:2.3:a:intel:oneapi:-:*:*:*:*:eclipse:*:*", "vulnerable": true, "matchCriteriaId": "720D3597-B74B-4540-AD50-80884183D5DE"}, {"criteria": "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22BEE177-D117-478C-8EAD-9606DEDF9FD5"}, {"criteria": "cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F021E2E7-0D8F-4336-82A6-77E521347C4F"}, {"criteria": "cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F66B0A2-22C0-41D5-B866-1764DEC12CB2"}, {"criteria": "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC619106-991C-413A-809D-C2410EBA4CDB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07856DAA-EDB4-4522-BA16-CD302C9E39EF", "versionEndExcluding": "2019.1"}, {"criteria": "cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7AD819D-D093-472E-AA47-1A925111E4C8"}, {"criteria": "cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D07A11A-A3C6-4D44-B2E0-A8358D23947A"}, {"criteria": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61597661-A3B0-4A14-AA6B-C911E0063390"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A76AA04A-BB43-4027-895E-D1EACFCDF41B"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5"}, {"criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD"}, {"criteria": "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B678380B-E95E-4A8B-A49D-D13B62AA454E", "versionEndExcluding": "2021-12-13"}, {"criteria": "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4557476B-0157-44C2-BB50-299E7C7E1E72"}, {"criteria": "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "991B2959-5AA3-4B68-A05A-42D9860FAA9D"}, {"criteria": "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E5948A0-CA31-41DF-85B6-1E6D09E5720B"}, {"criteria": "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C08D302-EEAC-45AA-9943-3A5F09E29FAB"}, {"criteria": "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D53BA68C-B653-4507-9A2F-177CF456960F"}, {"criteria": "cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F0C3D5E-579F-42C6-9D8C-37969A1D17D2"}, {"criteria": "cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C16C460-9482-4A22-92AC-1AE0E87D7F28"}, {"criteria": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E180527-5C36-4158-B017-5BEDC0412FD6", "versionEndExcluding": "8.6.2j-398"}, {"criteria": "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFDADA98-1CD0-45DA-9082-BFC383F7DB97"}, {"criteria": "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E33D707F-100E-4DE7-A05B-42467DE75EAC"}, {"criteria": "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1", "versionEndExcluding": "2021-12-13"}, {"criteria": "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC8AB52-F4F4-440D-84F5-2776BFE1957A"}, {"criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91"}, {"criteria": "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6423B1A7-F09F-421A-A0AC-3059CB89B110", "versionEndExcluding": "2021-12-11"}, {"criteria": "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48C6A61B-2198-4B9E-8BCF-824643C81EC3", "versionEndExcluding": "2021-12-13"}, {"criteria": "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4"}, {"criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C74B9880-FFF9-48CA-974F-54FB80F30D2D", "versionEndIncluding": "3.2"}, {"criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74D1F4AD-9A60-4432-864F-4505B3C60659", "versionEndIncluding": "1.1.3"}, {"criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ABA5332-8D1E-4129-A557-FCECBAC12827"}, {"criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C3AA865-5570-4C8B-99DE-431AD7B163F1"}, {"criteria": "cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00E03FB6-37F9-4559-8C86-F203D6782920"}, {"criteria": "cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90439591-BA01-4007-A2B6-B316548D4595"}, {"criteria": "cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1F3B8B4-4D1B-4913-BD5F-1A04B47F829A"}, {"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83E77D85-0AE8-41D6-AC0C-983A8B73C831"}, {"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02B28A44-3708-480D-9D6D-DDF8C21A15EC"}, {"criteria": "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC0A575-F771-4B44-A0C6-6A5FD98E5134", "versionEndIncluding": "4.16.2.1"}, {"criteria": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D1D6B61-1F17-4008-9DFB-EF419777768E"}, {"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9772EE3F-FFC5-4611-AD9A-8AD8304291BB"}, {"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF524892-278F-4373-A8A3-02A30FA1AFF4"}, {"criteria": "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F30DE588-9479-46AA-8346-EA433EE83A5F"}, {"criteria": "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4941EAD6-8759-4C72-ABA6-259C0E838216"}, {"criteria": "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777"}, {"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0762031C-DFF1-4962-AE05-0778B27324B9", "versionEndExcluding": "2020"}, {"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96271088-1D1B-4378-8ABF-11DAB3BB4DDC"}, {"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2595AD24-2DF2-4080-B780-BC03F810B9A9"}, {"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88096F08-F261-4E3E-9EEB-2AB0225CD6F3"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "044994F7-8127-4F03-AA1A-B2AB41D68AF5", "versionEndExcluding": "4.70"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17B7C211-6339-4AF2-9564-94C7DE52EEB7"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12F81F6B-E455-4367-ADA4-8A5EC7F4754A", "versionEndExcluding": "2.30"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5EF509E-3799-4718-B361-EFCBA17AEEF3"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CA31645-29FC-4432-9BFC-C98A808DB8CF"}, {"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB424991-0B18-4FFC-965F-FCF4275F56C5"}, {"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1"}, {"criteria": "cpe:2.3:a:siemens:tracealertserverplus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6340621E-0FAF-4684-B457-E621E51E13A1"}, {"criteria": "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72D238AB-4A1F-458D-897E-2C93DCD7BA6C", "versionEndExcluding": "2019.1"}, {"criteria": "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9778339A-EA93-4D18-9A03-4EB4CBD25459"}, {"criteria": "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1747F127-AB45-4325-B9A1-F3D12E69FFC8"}, {"criteria": "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18BBEF7C-F686-4129-8EE9-0F285CE38845"}, {"criteria": "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD525494-2807-48EA-AED0-11B9CB5A6A9B"}, {"criteria": "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EDCBF98-A857-48BC-B04D-6F36A1975AA5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5BAA8A5-74B3-48EB-8287-302927197A4E", "versionEndExcluding": "10.0.12"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF99FE8F-40D0-48A8-9A40-43119B259535"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD64FC36-CC7B-4FD7-9845-7EA1DDB0E627", "versionEndExcluding": "2.7.0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3F61BCB-64FA-463C-8B95-8868995EDBC0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0012304-B1C8-460A-B891-42EBF96504F5", "versionEndExcluding": "2.7.0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5A189B7-DDBF-4B84-997F-637CEC5FF12B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B02BCF56-D9D3-4BF3-85A2-D445E997F5EC", "versionEndExcluding": "2.7.0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "035AFD6F-E560-43C8-A283-8D80DAA33025"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A2DB5BA-1065-467A-8FB6-81B5EC29DC0C", "versionEndExcluding": "2.7.0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4594FF76-A1F8-4457-AE90-07D051CD0DCB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "809EB87E-561A-4DE5-9FF3-BBEE0FA3706E", "versionEndExcluding": "2.7.0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "
[email protected]", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Apache Log4j2 Deserialization of Untrusted Data Vulnerability"}
