Nov 29, 2021 7:01 pm EST
Categorized: Critical Severity
Share this post:
IBM Cúram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer.
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6519984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/173314