Critical Severity

Security Bulletin: Apache Log4j vulnerability impacts IBM Sterling Global Mailbox (CVE-2021-45046)

January 19, 2022

Share this post:

IBM Sterling Global Mailbox is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046) and is used for logging. Mitigation steps detailed below.

CVE(s): CVE-2021-45046

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Sterling Global Mailbox (GM)	6.0.3 to 6.1.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6537760
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215195

Critical Severity

Security Bulletin: IBM Integrated Analytics System is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Vulnerability in PostgreSQL may affect IBM Spectrum Protect Plus

June 30, 2022 | Critical Severity

PostgreSQL could allow a remote attacker to gain unauthorized access to the system which may affect IBM Spectrum Protect Plus. ...read more

Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data

June 29, 2022 | Critical Severity

IBM has released the following fix for IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. ...read more

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

June 29, 2022 | Critical Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains vulnerable versions of Node.js modules used in Web clients. ...read more

Critical Severity

Security Bulletin: Apache Log4j vulnerability impacts IBM Sterling Global Mailbox (CVE-2021-45046)

Security Bulletin: IBM Integrated Analytics System is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Security Bulletin: IBM® Security SOAR could be vulnerable to a downgrade attack because of missing Strict-Transport-Security headers for some endpoints (CVE-2021-29785).

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Vulnerability in PostgreSQL may affect IBM Spectrum Protect Plus

June 30, 2022 | Critical Severity

Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data

June 29, 2022 | Critical Severity

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

June 29, 2022 | Critical Severity