#VU120231 Improper validation of certificate with host mismatch in Apache Log4j - CVE-2025-68161


Published: December 22, 2025


Vulnerability identifier: #VU120231
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:N/E:U/U:Green
CVE-ID: CVE-2025-68161
CWE-ID: CWE-297
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Apache Log4j
Software vendor:
Apache Foundation

Description

The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.

The vulnerability exists because the Socket Appender does not perform TLS hostname verification of the peer certificate, even when the "verifyHostName" configuration attribute or the "log4j2.sslVerifyHostName" system property is set to true. A remote attacker can perform a MitM attack and intercept or redirect the log traffic.
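The weakness described here (CWE-297) is easy to reproduce in plain Java, because the JDK's SSLSocket validates the certificate chain by default but does not check that the certificate was issued for the host being contacted unless the client opts in. The following is an added example, not Log4j's own code; the host name, port and class name are assumed for illustration. It shows the pattern a TLS log client has to use to get hostname verification (the behaviour the "verifyHostName" setting is supposed to enable) next to the pattern that only validates the chain.

```java
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;

/**
 * Added example (not Log4j code). Demonstrates the difference between a TLS
 * client that verifies the peer's hostname and one that only validates the
 * certificate chain, which is the CWE-297 condition described in the advisory.
 */
public final class VerifiedTlsLogClient {

    // Assumed values for illustration only; replace with your log collector.
    private static final String LOG_HOST = "logs.example.internal";
    private static final int LOG_PORT = 6514;

    /** Opens a TLS connection that refuses a certificate not issued for {@code host}. */
    static SSLSocket connectVerified(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // Pass the DNS name (not a resolved IP) so SNI and name matching work.
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

        SSLParameters params = socket.getSSLParameters();
        // "HTTPS" selects RFC 2818-style matching of SubjectAltName / CN against host.
        // Without this, the handshake succeeds against any certificate the trust
        // store accepts, regardless of which host it was issued to.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);

        // Handshake eagerly so a mismatch fails here, before any log data is sent.
        // A mismatch surfaces as an SSLHandshakeException.
        socket.startHandshake();
        return socket;
    }

    /** The vulnerable pattern: chain is validated, hostname is never compared. */
    static SSLSocket connectUnverified(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.startHandshake(); // no endpoint identification algorithm set
        return socket;
    }

    public static void main(String[] args) throws IOException {
        try (SSLSocket s = connectVerified(LOG_HOST, LOG_PORT)) {
            OutputStream out = s.getOutputStream();
            out.write("test log event\n".getBytes(StandardCharsets.UTF_8));
            out.flush();
        }
    }
}
```

To confirm a deployed appender actually verifies hostnames, point it at a TLS listener presenting a certificate that is trusted but issued for a different name; a correct client fails the handshake, while an affected client connects and ships log events. The same check applies after updating: the advisory's point is that setting "verifyHostName" or "log4j2.sslVerifyHostName" alone did not produce the verified behaviour.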


Remediation

Install updates from vendor's website.

External links