CVE-2021-42550: RCE from attacker with configuration edit priviledges through JNDI lookup

Published Dec 16, 2021
·
Updated

A flaw was found in the logback package. When using a specially-crafted configuration, this issue could allow a remote authenticated attacker to execute arbitrary code loaded from LDAP servers.

Other sources

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

Affected Software

20 affected componentsFixes available
redhat/candlepin<0:4.1.13-1.el7
0:4.1.13-1.el7
redhat/candlepin<0:4.1.13-1.el8
0:4.1.13-1.el8
qos logback<=1.2.7
qos logback=1.3.0-alpha0
qos logback=1.3.0-alpha1
qos logback=1.3.0-alpha10
qos logback=1.3.0-alpha2
qos logback=1.3.0-alpha3
qos logback=1.3.0-alpha4
qos logback=1.3.0-alpha5
qos logback=1.3.0-alpha6
qos logback=1.3.0-alpha7
qos logback=1.3.0-alpha8
qos logback=1.3.0-alpha9
redhat Satellite=6.0
NetApp Cloud Manager
NetApp Service Level Manager
NetApp Snap Creator Framework
Siemens SINEC NMS<1.0.3
redhat/logback-classic<1.2.9
1.2.9

Remediation

Patch Available

https://jira.qos.ch/browse/LOGBACK-1591

Information

upgrade to >=1.2.9 or >=1.3.0-alpha11

Event History

Dec 16, 2021
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
RemedyDescriptionSeverityWeakness
Dec 17, 2021
Data Sourced
via Red Hat·09:22 AM
DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2021-42550?

CVE-2021-42550 is a vulnerability found in the logback package that allows an attacker to execute arbitrary code loaded from LDAP servers.

2

What is the severity of CVE-2021-42550?

CVE-2021-42550 has a severity level of high.

3

Which versions of logback are affected by CVE-2021-42550?

Logback versions 1.2.7 and prior are affected by CVE-2021-42550.

4

How can I fix CVE-2021-42550?

To fix CVE-2021-42550, upgrade to logback version 1.2.9 or higher.

5

Where can I find more information about CVE-2021-42550?

You can find more information about CVE-2021-42550 at the following references: [CVE-2021-42550](https://cve.report/CVE-2021-42550), [LOGBACK-1591](https://jira.qos.ch/browse/LOGBACK-1591), [RHSA-2022:1108](https://access.redhat.com/errata/RHSA-2022:1108).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203