Critical Severity
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift (CVE-2021-44228)
December 15, 2021
Categorized: Critical Severity
Share this post:
A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift due to its use of the Strimzi operator.
CVE(s): CVE-2021-44228
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes | 10.1.9 |
| IBM Spectrum Protect Plus Container Backup and Restore for OpenShift | 10.1.9 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6527090
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/214921
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from expat, Golang Go, gcc, openssl and libxml.
May 16, 2022 | Critical Severity
Multiple issues were identified in Red Hat UBI(ubi8/ubi-minimal) v8.5-x packages "expat", "gcc", "openssl", "libxml" and go-toolset v1.16.x that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. ...read more
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Apache Thrift
May 12, 2022 | Critical Severity
IBM Security Guardium has fixed these vulnerabilities by updating the Apache Thrift component. ...read more
Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-44142)
May 12, 2022 | Critical Severity
A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow a remote authenticated attacker to execute arbitrary code on the system. ...read more