High Severity

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Common Licensing's License Key Server (LKS) Administration And Reporting Tool (ART) and its Agent(CVE-2021-4104,CVE-2021-44832,CVE-2021-3100,CVE-2022-33915).

June 27, 2022

Categorized: High Severity

Share this post:

There is a high risk Remote Attack Vulnerability in Apache Log4j (CVE-2021-4104,CVE-2021-44832,CVE-2021-3100,CVE-2022-33915) which is used by IBM LKS Administration And Reporting Tool and its Agent. A fix is available to address the vulnerability.

CVE(s): CVE-2022-33915, CVE-2021-4104, CVE-2021-3100, CVE-2021-44832

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Common Licensing ART 9.0
IBM Common Licensing Agent 9.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6598713
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229133
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224962
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216189


Previous Post

Security Bulletin: Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291, CVE-2022-21248)

Next Post

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021
More stories

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to CVE-2022-31129

August 10, 2022 | High Severity

Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to CVE-2022-31129 with details below ...read more

Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

August 10, 2022 | High Severity

IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin (CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314, CVE-2022-25315). ...read more

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities

August 10, 2022 | High Severity

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities with details below ...read more