rhsa-2022:0226
Vulnerability from csaf_redhat
Published
2022-01-20 21:39
Modified
2025-03-13 00:06
Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)
Notes
Topic
An update is now available for OpenShift Logging (5.1.7)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
OpenShift Logging Bug Fix Release (5.1.7)
Security Fix(es):
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for OpenShift Logging (5.1.7)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenShift Logging Bug Fix Release (5.1.7)\n\nSecurity Fix(es):\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:0226", url: "https://access.redhat.com/errata/RHSA-2022:0226", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1940613", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1940613", }, { category: "external", summary: "2035951", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2035951", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0226.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)", tracking: { current_release_date: "2025-03-13T00:06:51+00:00", generator: { date: "2025-03-13T00:06:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2022:0226", initial_release_date: "2022-01-20T21:39:00+00:00", revision_history: [ { date: "2022-01-20T21:39:00+00:00", number: "1", summary: "Initial version", }, { date: "2022-01-20T21:39:00+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-13T00:06:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "OpenShift Logging 5.1", product: { name: "OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1", product_identification_helper: { cpe: "cpe:/a:redhat:logging:5.1::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", product: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", product_id: "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", product_identification_helper: { purl: "pkg:oci/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36?arch=s390x&repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", product: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", product_id: "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", product_identification_helper: { purl: "pkg:oci/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0?arch=s390x&repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", product: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", product_id: "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", product_identification_helper: { purl: "pkg:oci/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4?arch=s390x&repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8&tag=v1.0.0-102", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", product: { name: "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", product_id: "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", product_identification_helper: { purl: "pkg:oci/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce?arch=s390x&repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8&tag=v6.8.1-98", }, }, }, { category: "product_version", name: "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", product: { name: "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", product_id: "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", product_identification_helper: { purl: "pkg:oci/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d?arch=s390x&repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8&tag=v0.3.0-97", }, }, }, { category: "product_version", name: "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", product: { name: "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", product_id: "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", product_identification_helper: { purl: "pkg:oci/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1?arch=s390x&repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8&tag=v1.7.4-102", }, }, }, { category: "product_version", name: "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", product: { name: "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", product_id: "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", product_identification_helper: { purl: "pkg:oci/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5?arch=s390x&repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8&tag=v6.8.1-108", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", product: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", product_id: "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", product_identification_helper: { purl: "pkg:oci/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", product: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", product_id: "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", product_identification_helper: { purl: "pkg:oci/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", product: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", product_id: "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", product_identification_helper: { purl: "pkg:oci/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8&tag=v1.0.0-102", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", product: { name: "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", product_id: "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", product_identification_helper: { purl: "pkg:oci/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8&tag=v6.8.1-98", }, }, }, { category: "product_version", name: "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", product: { name: "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", product_id: "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", product_identification_helper: { purl: "pkg:oci/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8&tag=v0.3.0-97", }, }, }, { category: "product_version", name: "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", product: { name: "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", product_id: "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", product_identification_helper: { purl: "pkg:oci/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8&tag=v1.7.4-102", }, }, }, { category: "product_version", name: "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", product: { name: "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", product_id: "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", product_identification_helper: { purl: "pkg:oci/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc?arch=ppc64le&repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8&tag=v6.8.1-108", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", product: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", product_id: "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", product_identification_helper: { purl: "pkg:oci/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec?arch=amd64&repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", product: { name: "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", product_id: "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", product_identification_helper: { purl: "pkg:oci/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9?arch=amd64&repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle&tag=v5.1.7-3", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", product: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", product_id: "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", product_identification_helper: { purl: "pkg:oci/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab?arch=amd64&repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator&tag=v5.1.7-2", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", product: { name: "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", product_id: "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", product_identification_helper: { purl: "pkg:oci/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99?arch=amd64&repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle&tag=v5.1.7-3", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", product: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", product_id: "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", product_identification_helper: { purl: "pkg:oci/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7?arch=amd64&repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8&tag=v1.0.0-102", }, }, }, { category: "product_version", name: "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", product: { name: "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", product_id: "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", product_identification_helper: { purl: "pkg:oci/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4?arch=amd64&repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8&tag=v6.8.1-98", }, }, }, { category: "product_version", name: "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", product: { name: "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", product_id: "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", product_identification_helper: { purl: "pkg:oci/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f?arch=amd64&repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8&tag=v0.3.0-97", }, }, }, { category: "product_version", name: "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", product: { name: "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", product_id: "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", product_identification_helper: { purl: "pkg:oci/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217?arch=amd64&repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8&tag=v1.7.4-102", }, }, }, { category: "product_version", name: "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", product: { name: "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", product_id: "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", product_identification_helper: { purl: "pkg:oci/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21?arch=amd64&repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8&tag=v6.8.1-108", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", }, product_reference: "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", }, product_reference: "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", }, product_reference: "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", }, product_reference: "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", }, product_reference: "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", }, product_reference: "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", }, product_reference: "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", }, product_reference: "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", }, product_reference: "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", }, product_reference: "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", }, product_reference: "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", }, product_reference: "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", }, product_reference: "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", }, product_reference: "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", }, product_reference: "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", }, product_reference: "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", }, product_reference: "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", }, product_reference: "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", }, product_reference: "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", }, product_reference: "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", }, product_reference: "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64 as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", }, product_reference: "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, { category: "default_component_of", full_product_name: { name: "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le as a component of OpenShift Logging 5.1", product_id: "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", }, product_reference: "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", relates_to_product_reference: "8Base-OSE-LOGGING-5.1", }, ], }, vulnerabilities: [ { cve: "CVE-2021-27292", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-03-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1940613", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", title: "Vulnerability summary", }, { category: "other", text: "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], known_not_affected: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-27292", }, { category: "external", summary: "RHBZ#1940613", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1940613", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-27292", url: "https://www.cve.org/CVERecord?id=CVE-2021-27292", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", }, { category: "external", summary: "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", url: "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", }, ], release_date: "2021-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-01-20T21:39:00+00:00", details: "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", product_ids: [ "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:0226", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", }, { cve: "CVE-2021-44832", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2021-12-28T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2035951", }, ], notes: [ { category: "description", text: "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", title: "Vulnerability description", }, { category: "summary", text: "log4j-core: remote code execution via JDBC Appender", title: "Vulnerability summary", }, { category: "other", text: "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", ], known_not_affected: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-44832", }, { category: "external", summary: "RHBZ#2035951", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2035951", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-44832", url: "https://www.cve.org/CVERecord?id=CVE-2021-44832", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-44832", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-44832", }, { category: "external", summary: "https://issues.apache.org/jira/browse/LOG4J2-3293", url: "https://issues.apache.org/jira/browse/LOG4J2-3293", }, ], release_date: "2021-12-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-01-20T21:39:00+00:00", details: "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html", product_ids: [ "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:0226", }, { category: "workaround", details: "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.", product_ids: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le", "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64", "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "log4j-core: remote code execution via JDBC Appender", }, ], }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.