CVE-2021-45046
CRITICAL
9,0
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: changed
Confidentiality: high
Integrity: high
Availability: high
MEDIUM
5,1
Source: [email protected]
Access Vector: network
Access Complexity: high
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,9434
Percentile
1,0th
Updated
EPSS Score Trend (Last 91 Days)
917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
IncompleteCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Application Data
Execute Unauthorized Code Or Commands
Applicable Platforms
Languages:
Java
Application
Siguard Dsa by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sipass Integrated by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 4 by Siemens
Version Range Affected
To
4.70
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Datacenter Manager by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:datacenter_manager:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solid Edge Harness Design by Siemens
Version Range Affected
To
2020
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Captial by Siemens
Version Range Affected
To
2019.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Audio Development Kit by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Gma-Manager by Siemens
Version Range Affected
To
8.6.2j-398
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 7 by Siemens
Version Range Affected
To
2.30
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
Version Range Affected
From
2.0.1
(inclusive)
To
2.12.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Vesys by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 4 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Genomics Kernel Library by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Vesys by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Teamcenter by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Xpedition Package Integrator by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip Prepay by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
System Debugger by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Secure Device Onboard by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solid Edge Harness Design by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Advanced Reports by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Logo\! Soft Comfort by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:logo\!_soft_comfort:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip Prepay by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Captial by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Command by Siemens
Version Range Affected
To
4.16.2.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energy Engage by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Navigator by Siemens
Version Range Affected
To
2021-12-13
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Viewpoint by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
6Bk1602-0Aa42-0Tp0 Firmware by Siemens
Version Range Affected
To
2.7.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Info Center by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solid Edge Cam Pro by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Advanced Reports by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Comos by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Tracealertserverplus by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:tracealertserverplus:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Mindsphere by Siemens
Version Range Affected
To
2021-12-11
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Mendix by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Control Pro by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Oneapi by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:oneapi:-:*:*:*:*:eclipse:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Vesys by Siemens
Version Range Affected
To
2019.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Operation Scheduler by Siemens
Version Range Affected
To
1.1.3
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sentron Powermanager by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
6Bk1602-0Aa52-0Tp0 Firmware by Siemens
Version Range Affected
To
2.7.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sipass Integrated by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solid Edge Harness Design by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
Version Range Affected
From
2.13.0
(inclusive)
To
2.16.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 7 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siguard Dsa by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solid Edge Harness Design by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Identity by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Vesys by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Computer Vision Annotation Tool by Cvat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:cvat:computer_vision_annotation_tool:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sentron Powermanager by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 7 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 4 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Advanced Reports by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Info Center by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Advanced Reports by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Xpedition Enterprise by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Head-End System Universal Device Integration System by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
6Bk1602-0Aa32-0Tp0 Firmware by Siemens
Version Range Affected
To
2.7.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Email Security by Sonicwall
Version Range Affected
To
10.0.12
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
E-Car Operation Center by Siemens
Version Range Affected
To
2021-12-13
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 7 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Desigo Cc Advanced Reports by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
6Bk1602-0Aa12-0Tp0 Firmware by Siemens
Version Range Affected
To
2.7.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Nx by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Opcenter Intelligence by Siemens
Version Range Affected
To
3.2
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Identity by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
6Bk1602-0Aa22-0Tp0 Firmware by Siemens
Version Range Affected
To
2.7.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Energyip by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Spectrum Power 4 by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Industrial Edge Management Hub by Siemens
Version Range Affected
To
2021-12-13
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siguard Dsa by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Industrial Edge Management by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sppa-T3000 Ses3000 Firmware by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Log4J by Apache
CPE Identifier
View Detailed Analysis
cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sensor Solution Firmware Development Kit by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Siveillance Vantage by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Captial by Siemens
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
System Studio by Intel
CPE Identifier
View Detailed Analysis
cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021…
https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://logging.apache.org/log4j/2.x/security.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
https://security.gentoo.org/glsa/202310-16
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-…
https://www.cve.org/CVERecord?id=CVE-2021-44228
https://www.debian.org/security/2021/dsa-5022
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646…
https://www.kb.cert.org/vuls/id/930724
https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
http://www.openwall.com/lists/oss-security/2021/12/14/4
http://www.openwall.com/lists/oss-security/2021/12/15/3
http://www.openwall.com/lists/oss-security/2021/12/18/1
https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://logging.apache.org/log4j/2.x/security.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
https://security.gentoo.org/glsa/202310-16
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-…
https://www.cve.org/CVERecord?id=CVE-2021-44228
https://www.debian.org/security/2021/dsa-5022
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646…
https://www.kb.cert.org/vuls/id/930724
https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
http://www.openwall.com/lists/oss-security/2021/12/14/4
http://www.openwall.com/lists/oss-security/2021/12/15/3
http://www.openwall.com/lists/oss-security/2021/12/18/1