IBM Support

Security Bulletin: IBM Security Directory Integrator NOT Affected by CVE-2021-44228 Exploit

Created by Raghavan Arun on
Published URL:
https://www.ibm.com/support/pages/node/6527078
6527078

Security Bulletin


Summary

IBM Security Directory Integrator NOT Affected by CVE-2021-44228 Exploit.

Vulnerability Details

After conducting extensive research on product code base, it is determined that all versions of IBM Security Directory Integrator are not vulnerable to Java library Apache log4j v2 with JNDI exploit (CVE-2021-44228).

Get Notified about Future Security Bulletins

References

Off
https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md
https://nvd.nist.gov/vuln/detail/CVE-2021-44228

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSXZ8BA","label":"IBM Security Directory Integrator"},"ARM Category":[{"code":"a8m0z0000001hY9AAI","label":"Install"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
15 December 2021

UID

ibm16527078