High Severity

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Control (CVE-2021-4104)

Share this post:

A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation.

CVE(s): CVE-2021-4104

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Control 5.4.0 – 5.4.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6537016
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048

More stories

Security Bulletin: Vulnerability in Moment affects IBM Process Mining . CVE-2022-31129

August 17, 2022 | High Severity

There is a vulnerability in Moment that could allow a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. ...read more


Security Bulletin: Vulnerability in FasterXML jackson-databind affects IBM Process Mining . CVE-2020-36518

August 17, 2022 | High Severity

There is a vulnerability in FasterXML jackson-databind that could allow a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. ...read more


Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2022-1292 and CVE-2022-2068) or an attacker may obtain sensitive information (CVE-2022-2097) due to OpenSSL

August 17, 2022 | High Severity

A vulnerability in OpenSSL could allow a remote attacker to execute arbitrary commands (CVE-2022-1292 and CVE-2022-2068) or obtain sensitive information (CVE-2022-2097). OpenSSL is used by AIX as part of AIX's secure network communications. ...read more