Critical Severity

Security Bulletin: Due to the use of Apache Log4j, IBM Spectrum Conductor is vulnerable to arbitrary code execution (CVE-2021-44832 and CVE-2021-45046) and denial of service (CVE-2021-45105)

Share this post:

Apache Log4j is used by IBM Spectrum Conductor for generating logs in some of its components such as ELK, ascd, GUI and so on. This bulletin provides interim fixes which include Apache Log4j 2.17.1 to fix arbitrary code execution (CVE-2021-44832 and CVE-2021-45046) and denial of service (CVE-2021-45105) in IBM Spectrum Conductor.

CVE(s): CVE-2021-45105, CVE-2021-45046, CVE-2021-44832

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Conductor 2.4.1
IBM Spectrum Conductor 2.5.0
IBM Spectrum Conductor 2.5.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6541736
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215647
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215195
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216189

More stories

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Apache Thrift

May 12, 2022 | Critical Severity

IBM Security Guardium has fixed these vulnerabilities by updating the Apache Thrift component. ...read more


Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-44142)

May 12, 2022 | Critical Severity

A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow a remote authenticated attacker to execute arbitrary code on the system. ...read more


Security Bulletin: Vulnerability in IBM SDK Java affects IBM Cloud Pak System (CVE-2020-27221)

May 11, 2022 | Critical Severity

Vulnerability in IBM SDK Java affects IBM Cloud Pak System. OS Image for Red Enterprise Linux shipped with Cloud Pak System addressed this vulnerability. ...read more