Uploaded image for project: 'logback'
  1. logback
  2. LOGBACK-1591 Possibility of vulnerability - registered as CVE-2021-42550
  3. LOGBACK-1593

sessionViaJNDI function of SMTPAppender may suffers from jndi injections

    XMLWordPrintable

Details

    Description

      Hello friend! Similar to CVE-2021-4104, in logback's SMTPAppender, it is possible to override the configuration to enable sessionViaJNDI and specify jndiLocation as a malicious jndi server, leading to jndi injection and even RCE. more details in the attached pdf

      Attachments

        1. poc.pdf
          691 kB
          Diggid

        Activity

          People

            ceki Ceki Gülcü
            Diggid Diggid
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: