High Severity

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Scale (CVE-2021-4104)

Share this post:

A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Scale due to its use of Log4j for logging.

CVE(s): CVE-2021-4104

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Scale 5.0.0 – 5.0.5.11 (All HDFS Transparency versions)
IBM Spectrum Scale 5.1.0 – 5.1.1 (HDFS Transparency version – 2.7.3 – 3.1.0)

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6551880
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048

More stories

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-43565

August 8, 2022 | High Severity

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-43565 with details below ...read more


Security Bulletin: IBM Workload Scheduler is potentially vulnerable to denial of service due to CVE-2022-0778 affecting OpenSSL component

August 8, 2022 | High Severity

OpenSSL vulnerability CVE-2022-0778 has been disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Schedulerfor secure communications between the components. ...read more


Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities

August 8, 2022 | High Severity

Apache HTTP Server provides HTTP services for SiteProtector. IBM Security SiteProtector System has addressed the following vulnerabilities in an express update (CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813 and CVE-2022-30556) : ...read more