High Severity

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Archive Enterprise Edition (CVE-2021-4104)

January 26, 2022

Categorized: High Severity

Share this post:

A vulnerability in Apache Log4j v1 could result in remote code execution. IBM Spectrum Archive Enterprise Edition includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j v1 files. The below fix package includes Apache Log4j 2.17.1.

CVE(s): CVE-2021-4104

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Enterprise Edition 1.3.0.0 – 1.3.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6551074
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215048


Previous Post

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2021-4104)

Next Post

Security Bulletin:IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)
More stories

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778

May 20, 2022 | High Severity

An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more

Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more