Medium Severity

Security Bulletin: Vulnerability inApache Log4j – CVE-2021-44832 may affect IBM Watson Assistant for IBM Cloud Pak for Data

January 27, 2022

Categorized: Medium Severity

Share this post:

A potential vulnerability inApache Log4j – CVE-2021-44832 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data.  Several components of IBM Watson Assistant for IBM Cloud Pak for Data use Log4j to log diagnostic data unrelated to customer input. Refer to details for additional information.

CVE(s): CVE-2021-44832

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
WA for ICP 1.5.0, 4.0.0, 4.0.2, 4.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6551436
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216189


Previous Post

Security Bulletin: IBM Watson Studio in Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Next Post

Security Bulletin: Vulnerability in Apache Log4j affects IBM Cloud Private (CVE-2021-44228)
More stories

Security Bulletin: IBM DataPower Gateway vulnerable to HTTP header injection

May 17, 2022 | Medium Severity

IBM has addressed the CVE ...read more

Security Bulletin: IBM DataPower Gateway vulnerable to temporary DoS

May 17, 2022 | Medium Severity

IBM has addressed the CVEs ...read more

Security Bulletin: Potential Denial of Service in IBM DataPower Gateway

May 16, 2022 | Medium Severity

IBM has addressed the CVE ...read more