تنبيه IBM

أصدرت IBM عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:

المنتجات المتأثرة بثغرة Apache Log4j:

IBM Tivoli System Automation Application Manager
- 4.1
BM Cloud Pak for Multicloud Management Security Services
- Before 2.3 Fixpack 3
IBM Cloud Pak for Multicloud Management Monitoring
- Before 2.3 Fixpack 3
IBM Cloud APM, Base Private
- 8.1.4
IBM Cloud APM, Advanced Private
- 8.1.4
IBM Jazz Reporting Service
- 6.0.6.1
- 7.0
- 6.0.6
- 7.0.1
RELM
- 6.0.6.1
- 6.0.6
ENI
- 7.0.1
- 7.0
Global Configuration Management
- 6.0.6-7.0.1
RQM
- 6.0.6.1
- 6.0.6
ETM
- 7.0.1
- 7.0.0
EWM
- 7.0.1
- 7.0
RTC
- 6.0.6.1
- 6.0.6
DOORS Next
- 7.0
- 7.0.1
RDNG
- 6.0.6.1
- 6.0.6
- 7.0.2
RMM
- 7.0.1
- 6.0.6.1
- 6.0.6
- 7.0
Rhapsody DM
- 6.0.6
- 6.0.6.1
ELM
- 7.0.1
- 7.0
- 6.0.6.1
- 6.0.6
IBM Spectrum Protect for Space Management
- 8.1.11.0-8.1.13.1
- 7.1.8.10-7.1.8.13
IBM Sterling Partner Engagement Manager Standard and Essentials
- 6.1.2.3.3
- 6.2.0.1.2
IBM Sterling Connect:Direct for zOS
- 6.2
IBM Spectrum Protect Snapshot for Windows (formerly IBM Tivoli Storage FlashCopy Manager for Windows)
- 8.1.11.0-8.1.13.1
IBM Tivoli Storage FlashCopy Manager for Windows
- 4.1.6.10-4.1.6.x
IBM Spectrum Protect Backup-Archive Client
- 8.1.11.0-8.1.13.1
- 7.1.8.10-7.1.8.13
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware
- 8.1.11.0-8.1.13.1
- 7.1.8.10-7.1.8.13
IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V
- 8.1.11.0-8.1.13.1
IBM Tivoli Monitoring
- 6.3.0 fix pack 7 service pack 5

يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:

يوصي المركز بتحديث النسخ المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات: