rhsa-2021_5137
Vulnerability from csaf_redhat
Published
2021-12-14 21:36
Modified
2024-12-03 13:34
Summary
Red Hat Security Advisory: Openshift Logging Security Release (5.0.10)
Notes
Topic
Openshift Logging Security Release (5.0.10)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.0.10)
Security Fix(es):
* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Openshift Logging Security Release (5.0.10)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Bug Fix Release (5.0.10)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5137", "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5137.json" } ], "title": "Red Hat Security Advisory: Openshift Logging Security Release (5.0.10)", "tracking": { "current_release_date": "2024-12-03T13:34:28+00:00", "generator": { "date": "2024-12-03T13:34:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:5137", "initial_release_date": "2021-12-14T21:36:36+00:00", "revision_history": [ { "date": "2021-12-14T21:36:36+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-14T21:36:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-03T13:34:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.0", "product": { "name": "OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.0::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.10-2" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.10-2" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.10-1" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.10-1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64 as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le as a component of OpenShift Logging 5.0", "product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44228", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2030932" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "RHBZ#2030932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/", "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-10T02:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:36:36+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "workaround", "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2021-12-10T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value" }, { "cve": "CVE-2021-45046", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2032580" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)", "title": "Vulnerability summary" }, { "category": "other", "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-45046" }, { "category": "external", "summary": "RHBZ#2032580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-44228", "url": "https://access.redhat.com/security/cve/CVE-2021-44228" }, { "category": "external", "summary": "https://logging.apache.org/log4j/2.x/security.html", "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-14T21:36:36+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "category": "workaround", "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).", "product_ids": [ "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:8506f609ee7aae7006f856c9aea1868adbe0689e142d88a7db9fe1a5178f3178_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:177037cc7dd2abedf432efd6addf9d47960d8e9fb116cdfc973ee4999a488383_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa5bbc1b0792179d50e7e102588195b0b11799b94640db5039ff371e8505e32b_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:aa89345bb6281fac7c35d404a2ff753bff3f222557ab6f03c2c401107adf073e_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:4edb9f0a5efe40bdb5ae5f9b68abb4ac952810d1333442993c90bee6831bbe64_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:70fb7698de4592d07001b268b914f468c03618471cb975b6a21c35451999be2a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:c1dd73551aa53acb75a02875449fa54a995df5888b68421a7e945862a98aa8c2_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf7da672fc4e59894230852c0d5e67e3fcbbcce1fa992784b5348e654ff59417_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:4bba1d96440b7fc19cb61fdacad24bfab5fab610eae01374d830ee51fa8a6bd4_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:71bcbfb03b820d0a2ce7fb5ec6ab4830b2d38ff62ccdcf974139a7244cf5b2ee_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:97bd3a7bf854f3b4ead46336683a82853f78df95c48ab9a4f1c5164105f05f8e_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:09ba9e857b5ba3ac122d71b2c349ab8e13981c34268b6ec9c252519243f77d55_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:98092e9322efec21851e728e69e1b32b7607a4aedccc9ec39fc225849f3b7e1a_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:abf4052884464d6fa82d2b4aed5a612918d395f4229dde26a3c3acfa20fbfb34_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:3273f04559882c0ab7c2b61da96aa7a61f0004d1c87e8070477ba984cfa3dc50_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:77489c11265b4890c23c95b3bb255f707e9bfe02475a65e566fae1d1eb0ca970_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a88c38034287123710fbdfa23056a700dbf918fa563d6ce14c56c99a14000a5c_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7709829dde3568c1e32b4e949054191166545e724803341e4182e080583adbc8_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:d505ef5c45463c45c6bd67873ef038400b79b940ab142153ebdc86d6efdfb619_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:e3d3cba918b8eb95f340e1a6d5a2bc05bb93b6b305a0beccae0b5d37a064986a_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:4b597b22e6dbf1897e728d8384a7fb6f703290a6b4f9755141a9bd35569c1bb4_amd64", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:680699c945e150eb6fdbd0dd70565ad279fba8c21abbffe1fa7b3a0360f03178_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:6a3e0dcfc27c799d54b9b86d71b61691583d48b71b1f651afb46ae5b00a31ba1_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:8612f54b6b077febf9ab833b6bf6fe4673bc29ed8765323e60c4b7531ef40407_s390x", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:a70f88abff582e94a56f650acb782217e6247dc13343d7803492467a4881a9b0_ppc64le", "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c4fb65aaf2602f06b713da8e5b5674d880f57177510a533135cbb93c7e362eb9_amd64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-01T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.