Search Results for "2021-44228"

Security Bulletin: Vulnerabilities have been identified in Apache Log4j and the application code shipped with the DS8000 Hardware Management Console (HMC)

April 13, 2022 | High Severity

The updates indicated below have been released to address the following vulnerabilities: CVE-2021-44228, CVE-2021-45105, CVE-2021-45046, CVE_2021-4104, CVE-2021-38930, and CVE-2021-38929. ...read more


Security Bulletin: Vulnerabilities have been identified in Apache Log4j and the application code shipped with the DS8000 Hardware Management Console (HMC)

April 8, 2022 | High Severity

The updates indicated below have been released to address the following vulnerabilities: CVE-2021-44228, CVE-2021-45105, CVE-2021-45046, CVE_2021-4104, CVE-2021-38930, and CVE-2021-38929. ...read more


Security Bulletin: CVE-2021-44228 log4j affects MAS Monitor 8.4, 8.5 and 8.6

March 28, 2022 | Critical Severity

A new vulnerability with log4j has been detected. MAS Monitor uses log4j in all releases and interim fixes are now available for our 8.4, 8.5 and 8.6 releases. More details of the vulnerability are available here: https://nvd.nist.gov/vuln/detail/CVE-2021-44228 ...read more


Security Bulletin: MAS Monitor 8.4, 8.5, and 8.6 log4j

March 28, 2022 | High Severity

A new vulnerability with log4j has been detected. MAS Monitor uses log4j in all releases and interim fixes are now available for our 8.4, 8.5 and 8.6 releases. More details of the vulnerability are available here: https://nvd.nist.gov/vuln/detail/CVE-2021-44228 ...read more


Security Bulletin: Apache Log4j vulnerability impacts IBM Watson Knowledge Catalog in Cloud Pak for Data (CVE-2021-44228)

March 21, 2022 | Critical Severity

IBM Watson Knowledge Catalog in Cloud Pak for Data is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228) and is used for logging. Customers are encouraged to take quick action to update their systems to Apache Log4j 2.15.0. ...read more


Security Bulletin: Vulnerability in Apache Log4j affects IBM Cloud Pak for Network Automation (CVE-2021-44228)

March 15, 2022 | High Severity

A vulnerability was identified within the Apache Log4j library that is used by IBM Cloud Pak for Network Automation to provide logging functionality. This vulnerability has been addressed. ...read more


Security Bulletin: IBM TRIRIGA Reporting a component of IBM TRIRIGA Application Platform upgrade from Log4j 2.17 to 2.17.1 to protect from infinite recursion in lookup evaluation

March 15, 2022 | Critical Severity

IBM TRIRIGA Reporting a component of IBM TRIRIGA Application Platform upgrade from Log4j 2.17 to 2.17.1 to protect from infinite recursion in lookup evaluation (CVE-2021-45105) ...read more


Security Bulletin: Vulnerablity in Apache Log4j affects IBM Tivoli Composite Application Manager for Application Diagnostics (CVE-2021-44228)

March 14, 2022 | Critical Severity

The following security vulnerability has been identified in the WebSphere Application Server. Apache Log4j 2.x is not used by IBM Tivoli Composite Application Manager for Application Diagnostics, but log4j-1.2.4.jar is present in one of the ear files installed on WebSphere Application Server and should be removed from the installation. ...read more


Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)

March 7, 2022 | Critical Severity

Apache Log4j is used for logging in multiple components of the IBM Cloud Pak System (CPS) appliance: Logstash, VMware vCenter, IBM Hardware Management Console and product pattern type (pType). Arbitrary code execution vulnerabilities have been identified in Apache Log4j. ...read more