Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| oracle | insurance_rules_palette | - | - |
| oracle | insurance_rules_palette | - | - |
| oracle | insurance_rules_palette |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
101
Affected Products
98
References
oracle / insurance_rules_palette
| - |
| - |
| oracle | insurance_rules_palette | - | - |
| oracle | jd_edwards_world_security | - | - |
| oracle | oracle_goldengate_application_adapters | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | policy_automation | 12.2.0 - 12.2.20 | - |
| oracle | policy_automation_connector_for_siebel | - | - |
| oracle | policy_automation_for_mobile_devices | 12.2.0 - 12.2.20 | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | retail_advanced_inventory_planning | - | - |
| oracle | retail_assortment_planning | - | - |
| oracle | retail_assortment_planning | - | - |
| oracle | retail_bulk_data_integration | - | - |
| oracle | retail_bulk_data_integration | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_insights_cloud_service_suite | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_order_broker_cloud_service | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | siebel_apps_-_marketing | 21.9 | - |
| oracle | siebel_ui_framework | 21.2 | - |
| oracle | spatial_and_graph | - | - |
| oracle | spatial_and_graph | - | - |
| oracle | spatial_and_graph | - | - |
| oracle | storagetek_acsls | - | - |
| oracle | storagetek_tape_analytics_sw_tool | - | - |
| oracle | utilities_framework | 4.3.0.1.0 - 4.3.0.6.0 | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | weblogic_server | - | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| qos | reload4j | 1.2.18.3 | - |
| apache | log4j | 2.0 - 2.3.2 | - |
| apache | log4j | 2.4 - 2.12.3 | - |
| apache | log4j | 2.13.0 - 2.13.2 | - |
| oracle | communications_application_session_controller | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_eagle_ftp_table_base_retrieval | - | - |
| oracle | communications_offline_mediation_controller | - | - |
| oracle | communications_services_gatekeeper | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | data_integrator | - | - |
| oracle | data_integrator | - | - |
| oracle | enterprise_manager_for_peoplesoft | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6.0.0 - 8.1.0.0.0 | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_retail_customer_analytics | - | - |
| oracle | flexcube_core_banking | 11.5.0 - 11.7.0 | - |
| oracle | flexcube_core_banking | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | health_sciences_information_manager | - | - |
| oracle | insurance_insbridge_rating_and_underwriting | 5.0.0.0 - 5.6.0.0 | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | insurance_policy_administration_j2ee | - | - |
| oracle | insurance_policy_administration_j2ee | - | - |
| oracle | insurance_policy_administration_j2ee | - | - |
| oracle | insurance_policy_administration_j2ee | - | - |
| oracle | insurance_policy_administration_j2ee | - | - |
| oracle | insurance_rules_palette | - | - |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability
Impact