CVE-2021-4125


It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8, 4.7 and 4.6.


Published: 2022-08-24T16:15:09.483
Last Modified: 2024-11-21T06:36:57.310
Status: Modified
Source: [email protected]
Severity: CVSSv3.1 8.1 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-20
  • Type: Primary
    CWE-502

Affected Vendors & Products
Type         Vendor  Product    Version/Range  Vulnerable?
Application  redhat  openshift  < 4.6.52       Yes
Application  redhat  openshift  < 4.7.40       Yes
Application  redhat  openshift  < 4.8.24       Yes

References