Critical Severity

Security Bulletin: IBM Security Guardium is vulnerable to a denial of service vulnerability in Apache log4j2 component (CVE-2021-45105 & CVE-2021-45046)

Share this post:

IBM Security Guardium is vulnerable to a remote code execution vulnerability in Apache Log4j 2 component. IBM Security Guardium has addressed the vulnerabilities with an upgrade.

CVE(s): CVE-2021-45105, CVE-2021-45046

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Guardium 10.5
IBM Security Guardium 10.6
IBM Security Guardium 11.0
IBM Security Guardium 11.1
IBM Security Guardium 11.2
IBM Security Guardium 11.3
IBM Security Guardium 11.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6537142
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215647
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215195

More stories

Security Bulletin: Vulnerability in PostgreSQL may affect IBM Spectrum Protect Plus

June 30, 2022 | Critical Severity

PostgreSQL could allow a remote attacker to gain unauthorized access to the system which may affect IBM Spectrum Protect Plus. ...read more


Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data

June 29, 2022 | Critical Severity

IBM has released the following fix for IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

June 29, 2022 | Critical Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains vulnerable versions of Node.js modules used in Web clients. ...read more