CVE-2022-23305

Source
https://cve.org/CVERecord?id=CVE-2022-23305
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23305.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-23305
Aliases
Downstream
Related
Published
2022-01-18T16:15:08.350Z
Modified
2026-04-02T07:48:27.042638Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter, where the values to be inserted are PatternLayout converters. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged, allowing unintended SQL queries to be executed. Note that this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2, as it addresses numerous other issues from the previous versions.

References

Affected packages

Git / github.com/qos-ch/reload4j

Affected ranges

Type
GIT
Repo
https://github.com/qos-ch/reload4j
Events
Introduced
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "1.2"
        },
        {
            "last_affected": "1.2.17"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.2.18.2"
        }
    ]
}

Affected versions

1.*
1.3alpha-7
Other
CHAINSAW_2_SANDBOX_MERGE
CORE_VERSION
LEVEL_REPLACES_PRIORITY
PREALPHA_1_3_AS_OF_2004_05_12
PRE_CHAINSAW_MODEL_CONVERSION
PRE_UGLI_MOVE
TAG_CHAINSAW2_MOVE
v1_2_1
v1_2_10-recalled
v1_2_11
v1_2_11_rc1
v1_2_11rc3
v1_2_12
v1_2_12_rc1
v1_2_12_rc2
v1_2_12_rc3
v1_2_12_rc4
v1_2_12_rc5
v1_2_12_rc6
v1_2_13
v1_2_13_rc1
v1_2_13_rc2
v1_2_13_site_update
v1_2_14
v1_2_14_maven
v1_2_14_rc1
v1_2_14_site_update
v1_2_15
v1_2_15_rc1
v1_2_15_rc2
v1_2_15_rc3
v1_2_15_rc4
v1_2_15_rc5
v1_2_15_rc6
v1_2_16
v1_2_16_rc1
v1_2_16_rc2
v1_2_17
v1_2_17-rc1
v1_2_17_rc1
v1_2_17_rc2
v1_2_17_rc3
v1_2_2
v1_2_3
v1_2_4
v1_2_6
v1_2_7
v1_2_9
v1_2_alpha0
v1_2_alpha7
v1_2beta1
v1_2final
v1_3alpha_1
v1_3alpha_6
v_1_0
v_1_0_1
v_1_0_4
v_1_1
v_1_1_1
v_1_1_2
v_1_1_3
v_1_1_b1
v_1_1b2
v_1_1b3
v_1_1b5
v_1_1b6
v_1_1b7
v_1_2beta3
log4j-1.*
log4j-1.2.17
log4j-1.2.17-rc1
v1.*
v1.3alpha8
v1.3alpha8-temp

Database specific

unresolved_ranges
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23305.json"
vanir_signatures
[
    {
        "target": {
            "file": "src/main/java/org/apache/log4j/jdbc/JDBCAppender.java"
        },
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/qos-ch/reload4j/commit/07225cff489eacef093939951c1edd80af14fbce",
        "signature_version": "v1",
        "id": "CVE-2022-23305-8a14b441"
    },
    {
        "target": {
            "function": "getLogStatement",
            "file": "src/main/java/org/apache/log4j/jdbc/JDBCAppender.java"
        },
        "digest": {
            "function_hash": "270684450888807159696430132664370127464",
            "length": 77.0
        },
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/qos-ch/reload4j/commit/07225cff489eacef093939951c1edd80af14fbce",
        "signature_version": "v1",
        "id": "CVE-2022-23305-f76247cf"
    }
]