High Severity

Security Bulletin: Vulnerabilities in Apache Log4j affect IBM App Connect Enterprise V11, V12 and IBM Integration Bus (CVE-2021-4104)

December 21, 2021

Categorized: High Severity

Share this post:

Vulnerabilities in Apache Log4j affect the logging infrastructure in the Kafka Nodes in IBM App Connect Enterprise v11, v12 and IBM Integration Bus version 10. IBM App Connect Enterprise V11, V12 and IBM Integration Bus v10 have addressed the applicable CVE. Given current information and analysis, IBM Integration Bus V9 is not affected.

CVE(s): CVE-2021-4104

Affected product(s) and affected version(s):

IBM App Connect Enterprise V12.0.1.0 to V12.0.3.0

IBM App Connect Enterprise V11.0.0.0 to V11.0.0.15

IBM Integration Bus V10.0.0.6 to V10.0.0.25

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6529056
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048


Previous Post

Security Bulletin: IBM Event Streams is potentially affected by multiple node vulnerabilities

Next Post

Security Bulletin: Apache Log4j Vulnerability Afffects IBM Secure Proxy (CVE-2021-45046)
More stories

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778

May 20, 2022 | High Severity

An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more

Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more