CVE-2021-44228

Severity: CRITICAL
CVSS: 10.0
Published: 2021-12-10
Updated: 2025-10-27

Description

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Scope: changed
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-20, CWE-400, CWE-502, CWE-917

Metadata

Primary Vendor: SIEMENS
Published: 12/10/2021
Last Modified: 10/27/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

siemens : 6bk1602-0aa12-0tp0_firmware, 6bk1602-0aa22-0tp0_firmware, 6bk1602-0aa32-0tp0_firmware, 6bk1602-0aa42-0tp0_firmware, 6bk1602-0aa52-0tp0_firmware, sppa-t3000_ses3000_firmware, capital, comos, desigo_cc_advanced_reports, desigo_cc_info_center, e-car_operation_center, energy_engage, energyip, energyip_prepay, gma-manager, head-end_system_universal_device_integration_system, industrial_edge_management, industrial_edge_management_hub, logo\!_soft_comfort, mendix, mindsphere, navigator, nx, opcenter_intelligence, operation_scheduler, sentron_powermanager, siguard_dsa, sipass_integrated, siveillance_command, siveillance_control_pro, siveillance_identity, siveillance_vantage, siveillance_viewpoint, solid_edge_cam_pro, solid_edge_harness_design, spectrum_power_4, spectrum_power_7, teamcenter, vesys, xpedition_enterprise, xpedition_package_integrator

apache : log4j

intel : computer_vision_annotation_tool, datacenter_manager, genomics_kernel_library, oneapi_sample_browser, secure_device_onboard, system_studio

debian : debian_linux

fedoraproject : fedora

sonicwall : email_security

netapp : active_iq_unified_manager, brocade_san_navigator, cloud_insights, cloud_manager, cloud_secure_agent, oncommand_insight, ontap_tools, snapcenter, solidfire_\&_hci_storage_node, solidfire_enterprise_sds

cisco : advanced_malware_protection_virtual_private_cloud_appliance, automated_subsea_tuning, broadworks, business_process_automation, cloud_connect, cloudcenter, cloudcenter_cost_optimizer, cloudcenter_suite, cloudcenter_suite_admin, cloudcenter_workload_manager, common_services_platform_collector, connected_analytics_for_network_deployment, connected_mobile_experiences, contact_center_domain_manager, contact_center_management_portal, crosswork_data_gateway, crosswork_network_automation, crosswork_network_controller, crosswork_optimization_engine, crosswork_platform_infrastructure, crosswork_zero_touch_provisioning, customer_experience_cloud_agent, cx_cloud_agent, cyber_vision, cyber_vision_sensor_management_extension, data_center_network_manager, dna_center, dna_spaces, dna_spaces\, dna_spaces_connector, emergency_responder, enterprise_chat_and_email, evolved_programmable_network_manager, finesse, firepower_threat_defense, fog_director, fxos, identity_services_engine, integrated_management_controller_supervisor, intersight_virtual_appliance, iot_operations_dashboard, mobility_services_engine, network_assurance_engine, network_dashboard_fabric_controller, network_insights_for_data_center, network_services_orchestrator, nexus_dashboard, nexus_insights, optical_network_controller, packaged_contact_center_enterprise, paging_server, prime_service_catalog, sd-wan_vmanage, smart_phy, ucs_central, ucs_central_software, ucs_director, unified_communications_manager, unified_communications_manager_im_\&_presence_service, unified_communications_manager_im_and_presence_service, unified_computing_system, unified_contact_center_enterprise, unified_contact_center_express, unified_contact_center_management_portal, unified_customer_voice_portal, unified_intelligence_center, unified_sip_proxy, unified_workforce_optimization, unity_connection, video_surveillance_manager, video_surveillance_operations_manager, virtual_topology_system, virtualized_infrastructure_manager, virtualized_voice_browser, wan_automation_engine, webex_meetings_server, workload_optimization_manager

snowsoftware : snow_commander, vm_access_proxy

bentley : synchro, synchro_4d

percussion : rhythmyx

apple : xcode
