Test ID:	1.3.6.1.4.1.25623.1.0.854403
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for log4j12 (openSUSE-SU-2021:1612-1)
Summary:	The remote host is missing an update for the 'log4j12'; package(s) announced via the openSUSE-SU-2021:1612-1 advisory.
Description:	Summary: The remote host is missing an update for the 'log4j12' package(s) announced via the openSUSE-SU-2021:1612-1 advisory. Vulnerability Insight: This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. [bsc#1193662] This update was imported from the SUSE:SLE-15-SP2:Update update project. Affected Software/OS: 'log4j12' package(s) on openSUSE Leap 15.2. Solution: Please install the updated package(s). CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-4104 CERT/CC vulnerability note: VU#930724 https://www.kb.cert.org/vuls/id/930724 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033 https://security.netapp.com/advisory/ntap-20211223-0007/ https://security.gentoo.org/glsa/202209-02 https://security.gentoo.org/glsa/202310-16 https://security.gentoo.org/glsa/202312-02 https://security.gentoo.org/glsa/202312-04 https://access.redhat.com/security/cve/CVE-2021-4104 https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 https://www.cve.org/CVERecord?id=CVE-2021-44228 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html http://www.openwall.com/lists/oss-security/2022/01/18/3
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.