CVE-2022-23305— SQL injection in JDBC Appender in Apache Log4j V1
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-23305
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL injection in JDBC Appender in Apache Log4j V1
Source: NVD (National Vulnerability Database)
Vulnerability Description
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Log4j SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Log4j是美国阿帕奇(Apache)基金会的一款基于Java的开源日志记录工具。 Apache Log4j 存在SQL注入漏洞,该漏洞源于 Log4j 1.2.x 中的 JDBCAppender 接受 SQL 语句作为配置参数,其中要插入的值是来自 PatternLayout 的转换器。 消息转换器 %m 可能总是包含在内。 这允许攻击者通过将精心制作的字符串输入到记录的应用程序的输入字段或标题中来操纵 SQL,从而允许执行意外的 SQL 查询。 请注意,此问题仅在专门配置为使用 JDBC
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j 1.x | 1.2.1 ~ unspecified | - |
II. Public POCs for CVE-2022-23305
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint. | https://github.com/HynekPetrak/log4shell-finder | POC Details |
| 2 | test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC | https://github.com/AlphabugX/CVE-2022-RCE | POC Details |
| 3 | CVE-2022-23305 Log4J JDBCAppender SQl injection POC | https://github.com/tkomlodi/CVE-2022-23305_POC | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-23305
请登录查看更多情报信息。
- https://logging.apache.org/log4j/1.2/index.htmlx_refsource_MISC
- https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85yx_refsource_MISC
- https://security.netapp.com/advisory/ntap-20220217-0007/x_refsource_CONFIRM
- https://www.oracle.com/security-alerts/cpujul2022.htmlx_refsource_MISC
- https://www.oracle.com/security-alerts/cpuapr2022.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2022-23305
Same Patch Batch · Apache Software Foundation · 2022-01-18 · 3 CVEs total
| CVE-2022-23302 | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x | |
| CVE-2022-23307 | A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code exe |
IV. Related Vulnerabilities
Same vendor: Apache Software Foundation
- CVE-2026-39816
Apache NiFi: Missing Execute Code Required Permission on Tin - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro - CVE-2026-25077
Apache CloudStack: Unauthenticated Command Injection in Dire - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2025-66467
Apache CloudStack: MinIO policy remains intact on bucket del
Same weakness: CWE-89
- CVE-2021-47941
WordPress Plugin Survey & Poll 1.5.7.3 SQL Injection via sss - CVE-2021-47930
Balbooa Joomla Forms Builder 2.0.6 SQL Injection Unauthentic - CVE-2021-47928
Opencart TMD Vendor System 3.x Blind SQL Injection via produ - CVE-2026-8231
CodeAstro Online Catering Ordering System deleteorder.php sq - CVE-2025-14179
SQL injection in pdo_firebird via NUL bytes in quoted string
V. Comments for CVE-2022-23305
No comments yet