IBM Business Automation Content Analyzer on Cloud (BACAoC) is not affected by, or vulnerable to CVE-2021-44228.

Flashes (Alerts)

Abstract

I am using IBM Business Automation Content Analyzer on Cloud. What is the impact of CVE-2021-44228?

Content

CVE-2021-44228 describes a vulnerability in the Apache Log4j 2.X Java library dubbed Log4Shell.

IBM Business Automation Content Analyzer on Cloud does not include any version of log4j 2.x. Therefore, BACAoC is not vulnerable to the Log4Shell CVE.

IBM Business Automation Content Analyzer on Cloud does use Log4j version 1, however usage of this version of log4j is not vulnerable to the Log4Shell exploit.

For an IBM perspective on this vulnerability, please review the information from IBM at:

https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/

[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSUM7G","label":"IBM Business Automation Content Analyzer on Cloud"},"ARM Category":[{"code":"a8m3p0000006xMcAAI","label":"Automation Content Analyzer"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Tips

IBM Business Automation Content Analyzer on Cloud (BACAoC) is not affected by, or vulnerable to CVE-2021-44228.

Flashes (Alerts)

Abstract

Content

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?