The official site for Saudi CERT
IBM Alert
3095
Warning Date
Severity Level
Warning Number
Target Sector
2 January, 2022
● Critical
2022-4156
All
IBM has released security updates to address Apache Log4j vulnerability in the following products:
- IBM Sterling Global Mailbox (GM)
- 6.0.3 to 6.1.1.0
- IBM Sterling B2B Integrator
- 6.0.0.0 – 6.1.1.0
- IBM Db2
- V10.5, V11.1, and V11.5
- i2 Analyze
- 4.3.5.0
- 4.3.4.0
- 4.3.3.0
- 4.3.2.0
- 4.3.2.0
- i2 Connect
- 1.1.1
- 1.1.0
- 1.0.3
- 1.0.2
- i2 Analyst's Notebook Premium
- 9.3.
- 9.3.0
- IBM Spectrum Scale for IBM Elastic Storage Server
- V5.3.6.0 – V5.3.7.3
- IBM Spectrum Scale for IBM Elastic Storage Server
- V6.0.1.0 – V6.1.2.1
- IBM Spectrum Scale
- 5.0.5.0 – 5.0.5.11
- 5.1.0.0 – 5.1.2.1
- IBM Spectrum Scale on AWS Marketplace
- Spectrum Scale 5.0.5.3 BYOL v1.3.1
- IBM Spectrum Scale container native storage access (CNSA)
- 5.1.0.1 – 5.1.2.1
- IBM Sterling File Gateway
- 6.0.0.0 – 6.1.1.0
- IBM Elastic Storage System
- V6.0.1.0 – V6.0.2.3
- V6.1.0.0 – V6.1.2.1
Remote attacker could exploit this vulnerability by executing arbitrary code.
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6537760
- https://www.ibm.com/support/pages/node/6537664
- https://www.ibm.com/support/pages/node/6528678
- https://www.ibm.com/support/pages/node/6537918
- https://www.ibm.com/support/pages/node/6537752
- https://www.ibm.com/support/pages/node/6537670
- https://www.ibm.com/support/pages/node/6537748
- https://www.ibm.com/support/pages/node/6537750
For the latest updates on IBM products being affected by the Apache Log4j vulnerability:
Rate the content
Share the page
