Critical Severity

Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228)

Share this post:

There is a vulnerability in the Apache Log4j open source library used by WebSphere Application Server. This affects the WebSphere Application Server Admin Console and the UDDI Registry Application. This vulnerability has been addressed.

CVE(s): CVE-2021-44228

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
WebSphere Application Server 9.0
WebSphere Application Server 8.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6525706
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/214921

More stories

An update on the Apache Log4j 2.x vulnerabilities

Jan 27, 2022 10:35 am EST | Critical Severity

Updated January 27, 10:35am: IBM’s top priority remains the security of our clients and products. IBM is actively responding to the remote code execution vulnerability in the Apache Log4j 2 Java library dubbed Log4Shell (or LogJam). ...read more


Security Bulletin:IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)

Jan 26, 2022 7:01 pm EST | Critical Severity

Apache Log4j open source library used by IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data are affected by multiple vulnerabilities (CVE-2021-45105 and CVE-2021-45046). This library is used by the Db2 Federation and Db2 Graph feature as part of its logging infrastructure. The fix includes includes Apache Log4j v2.17.0. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)

Jan 26, 2022 7:00 pm EST | Critical Severity

Vulnerabilities in Apache Log4j (CVE-2021-45105, CVE-2021-45046) impacts IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data. Several components of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data use Apache Log4j to log diagnostic data unrelated to customer input. The fix below includes Apache Log4j 2.17. ...read more