Critical Severity
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Archive Enterprise Edition (CVE-2021-44228)
December 17, 2021
Categorized: Critical Severity
Share this post:
A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect the IBM Spectrum Archive Enterprise Edition (EE). Two other editions, Library Edition (LE) and Single Drive Edition (SDE) are not affected.
CVE(s): CVE-2021-44228
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| Enterprise Edition | 1.3.0.0 – 1.3.2.1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6527808
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/214921
Security Bulletin: Multiple Vulnerabilities in jackson-databind shipped with IBM Cloud Pak System
August 12, 2022 | Critical Severity
Vulnerabilities identified in jackson-databind shipped with IBM Cloud Pak System. IBM Clous Pak System addresssed vulnerabilities. ...read more
Security Bulletin: Vulnerability in Apache Log4j affects IBM InfoSphere Master Data Management (CVE-2021-44228 )
August 12, 2022 | Critical Severity
There is a vulnerability in the Apache Log4j open source library used by IBM InfoSphere Master Data Management v11.6 and v12.0. ...read more
Security Bulletin: IBM Security Identity Manager Virtual Appliance is vulnerable to arbitrary code execution due to Apache Log4j and other issues (CVE-2021-4104, CVE-2021-45046, CVE-2021-38951)
August 12, 2022 | Critical Severity
IBM Security Identity Manager Virtual Appliance (ISIM VA) is vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4101 and CVE-2021-45046. Apache Log4j is used by ISIM VA as part of its logging infrastructure. This fix upgrades to Apache Log4j v2.17.1. IBM Security Identity Manager Virtual Appliance (ISIM VA) has also upgraded the other vulnerable components listed below. ...read more