Critical Severity
Security Bulletin: IBM Planning Analytics Workspace: Apache log4j Vulnerability (CVE-2021-44228)
December 15, 2021
Categorized: Critical Severity
Share this post:
The IBM Planning Analytics Workspace component of IBM Planning Analytics is affected by a security vulnerability. Apache Log4j is used by IBM Planning Analytics Workspace as part of its logging infrastructure. This bulletin addresses the exposure to the Apache Log4j (CVE-2021-44228) vulnerability.
CVE(s): CVE-2021-44228
Affected product(s) and affected version(s):
IBM Planning Analytics Workspace 2.0.57 and higher
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6525700
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/214921
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from expat, Golang Go, gcc, openssl and libxml.
May 16, 2022 | Critical Severity
Multiple issues were identified in Red Hat UBI(ubi8/ubi-minimal) v8.5-x packages "expat", "gcc", "openssl", "libxml" and go-toolset v1.16.x that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. ...read more
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Apache Thrift
May 12, 2022 | Critical Severity
IBM Security Guardium has fixed these vulnerabilities by updating the Apache Thrift component. ...read more
Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-44142)
May 12, 2022 | Critical Severity
A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow a remote authenticated attacker to execute arbitrary code on the system. ...read more