Medium Severity

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Archive Enterprise Edition (CVE-2021-44832)

Share this post:

A vulnerability in Apache Log4j could result in remote code execution. IBM Spectrum Archive Enterprise Edition includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j files. The below fix package includes Apache Log4j 2.17.1.

CVE(s): CVE-2021-44832

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Enterprise Edition 1.3.1.0 – 1.3.2.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6549768
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216189

More stories