High Severity

Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-4104)

Share this post:

IBM Security Identity Governance and Intelligence (ISIGI) is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-4104). Apache Log4j is used as part of ISIGI’s logging infrastructure. The fix includes Apache Log4j version 2.17.1.

CVE(s): CVE-2021-4104

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Identity Governance and Intelligence 5.2.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6586512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048

More stories

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200)

June 23, 2022 | High Severity

IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin (CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200). ...read more



Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

June 23, 2022 | High Severity

IBM Security Guardium has addressed the following vulnerabilities. ...read more