IBM Updates
Warning Date: 16 December, 2021
Severity Level: Critical
Warning Number: 2021-4081
Target Sector: All
Description:
IBM has released security updates to address several vulnerabilities in the following products:
Products affected by the Apache Log4j vulnerability:
- HMC
  - V10.1.1010.0
  - V9.2.950.0
- IBM Cloud Object Storage Systems
  - Long Term Support Release – 3.16.0.47 and Prior 3.16.0 Releases
  - Active Release – 3.16.1.39 and Prior 3.16.1 Releases
- IBM Application Navigator
- QRadar User Behavior Analytics
- IBM WebSphere Hybrid Edition
  - all
- WebSphere Application Server
  - 9.0
  - 8.5
- IBM Transformation Extender
  - 10.0.3.0
  - 10.1.0.0
  - 10.1.0.1
  - 10.1.1.0
- IBM Cognos Controller
  - 10.4.2
- i2 Analyze
  - 4.3.5.0 bundled with EIA 2.4.1.0
  - 4.3.4.0 bundled with EIA 2.4.0.0
  - 4.3.3.0 bundled with EIA 2.3.4.0
- i2 Connect
  - 1.1.1 shipped with i2 Analyze 4.3.5.0
  - 1.1.0 shipped with i2 Analyze 4.3.4.0
  - 1.0.3 shipped with i2 Analyze 4.3.3.0
- Analyst's Notebook Premium
  - 9.3.1 Chart Store component
  - 9.3.0 Chart Store component
- i2 Analyze
  - 4.3.2.0 bundled with EIA 2.3.2.0
  - 4.3.1.1 bundled with EIA 2.3.1.1
  - 4.3.1.0 bundled with EIA 2.3.1.0
- i2 Connect
  - 1.0.2 shipped with i2 Analyze 4.3.2.0
  - 1.0.1.1 shipped with i2 Analyze 4.3.1.1
  - 1.0.1.0 shipped with i2 Analyze 4.3.1.0
- Analyst's Notebook Premium
  - 9.2.2 Chart Store component
- IBM Cognos Analytics
  - 11.2.x
  - 11.1.x
  - 11.0.x
- IBM Security Access Manager
  - 9.0.7.1
- IBM Security Verify Access
  - 10.0.0.0
- Resilient OnPrem
- IBM Security SOAR
- IBM Planning Analytics Workspace
  - 2.0.57 and higher
- IBM Spectrum Symphony
  - 7.2.0.2
  - 7.2.1
  - 7.2.1.1
  - 7.3
  - 7.3.1
  - 7.3.2
- IBM Security Access Manager Appliance
  - 9.0.0.0 – 9.0.7.2
- IBM Security Access Manager Docker
  - 9.0.5.0 – 9.0.7.2
- IBM Spectrum Protect Client web user interface
  - 8.1.7.0-8.1.13.0 (Linux and Windows)
  - 8.1.9.0-8.1.13.0 (AIX)
- IBM Spectrum Protect for Virtual Environments: Data Protection for VMware
  - 8.1.0.0-8.1.13.0
  - 7.1.0.0-7.1.8.12
- IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V
  - 8.1.4.0-8.1.13.0
- IBM Watson Explorer Deep Analytics Edition Foundational Components
  - 12.0.0.0
  - 12.0.1
  - 12.0.2.0 – 12.0.2.2
  - 12.0.3.0 – 12.0.3.7
- IBM Watson Explorer Deep Analytics Edition Analytical Components
  - 12.0.0.0
  - 12.0.1
  - 12.0.2.0 – 12.0.2.2
  - 12.0.3.0 – 12.0.3.7
- IBM Watson Explorer Deep Analytics Edition oneWEX
  - 12.0.0.0, 12.0.0.1
  - 12.0.1
  - 12.0.2.0 – 12.0.2.2
  - 12.0.3.0 – 12.0.3.7
- IBM Watson Explorer Foundational Components
  - 11.0.0.0 – 11.0.0.3
  - 11.0.1
  - 11.0.2.0 – 11.0.2.11
- IBM Watson Explorer Analytical Components
  - 11.0.0.0 – 11.0.0.3
  - 11.0.1
  - 11.0.2.0 – 11.0.2.11
- IBM Spectrum Conductor
  - 2.4.1
  - 2.5.0
  - 2.5.1
- IBM Security Guardium
  - 10.6
  - 11.3
  - 11.4
- IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes
  - 10.1.9
- IBM Spectrum Protect Plus Container Backup and Restore for OpenShift
  - 10.1.9
- IBM Security Access Manager for Enterprise Single-Sign On
  - 8.2.2
- IBM Spectrum Protect Operations Center
  - 8.1.0.000-8.1.13.000
  - 7.1.0.000-7.1.14.000
- IBM Spectrum Control
  - 5.4.0 – 5.4.5
- IBM WebSphere Remote Server – Product Family
  - 9.0
  - 8
- IBM Emptoris Supplier Lifecycle Mgmt
  - 10.1.1.x
  - 10.1.0.x
  - 10.1.3.x
- App Connect Professional
  - 7.5.4.0
  - 7.5.5.0
  - 7.5.2.0
  - 7.5.3.0
- IBM MQ Appliance
  - 9.1 LTS
  - 9.2 CD
  - 9.2 LTS
  - 9.1 CD
- IBM Emptoris Strategic Supply Management Platform
  - 10.1.0.x
  - 10.1.1.x
  - 10.1.3.x
- IBM Spectrum Protect Operations Center
  - 7.1.0.000-7.1.13.xxx
- IBM Emptoris Sourcing
  - 10.1.0.x
  - 10.1.1.x
  - 10.1.3.x
- IBM Db2
  - V9.7
  - V10.1
  - V10.5
  - V11.1
  - V11.5
- WebSphere Application Server
  - 9.0
  - 8.5
  - 8.0
  - 7.0
- IBM WebSphere Cast Iron Solution
  - 7.5.4.0
  - v7.5.1.0
- Sterling Connect Direct File Agent
  - 1.4
- APM AM
  - 8.1.4
- APM SaaS
  - 8.1.4
- APM on-premise
  - 8.1.4
- IBM Spectrum Copy Data Management
  - 2.2.13 and below
Threats:
An attacker could exploit these vulnerabilities to achieve the following:
- Denial of service (DoS)
- Obtain sensitive information
- Bypass security restrictions
- Privilege escalation
- Remote code execution
Best practice and Recommendations:
The CERT team encourages users to review the IBM security advisories and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-cve-2021-44228-affects-power-hmc/
- https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerabilities-affect-ibm-cloud-object-storage-systems-clevos-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-application-navigator-is-vulnerable-to-an-remote-attacker-exploitation-of-apache-log4j-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-log4j-as-used-in-ibm-qradar-user-behavior-analytics-application-add-on-to-ibm-qradar-siem-is-vulnerable-to-remote-code-execution-rce-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-websphere-application-server-which-is-bundled-in-ibm-websphere-hybrid-edition-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-transformation-extender-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-workspace-apache-log4j-vulnerability-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-controller-10-4-2-if15-apache-log4j-vulnerability-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-supplier-lifecycle-mgmt-cve-2021-2335/
- https://www.ibm.com/blogs/psirt/security-bulletin-i2-analyze-i2-connect-and-analysts-notebook-premium-are-affected-by-the-log4j-vulnerability-cve-2021-44228-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-vulnerable-to-a-denial-of-service-attack-cve-2021-38875/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-analytics-apache-log4j-vulnerability-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-strategic-supply-management-platform-cve-2021-2335/
- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-ibm-spectrum-protect-operations-center-cve-2021-38901-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-access-manager-9-0-7-1-and-ibm-security-verify-access-10-0-0-0-may-be-affected-by-the-log4j-vulnerability-cve-2021-44228-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-soar-is-using-a-component-with-a-known-vulnerability-underscore-js-cve-2021-23358/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-sourcing-cve-2021-2336/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-strategic-supply-management-platform-cve-2021-2334/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-contract-management-cve-2021-2336/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-sourcing-cve-2021-2335/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-an-information-disclosure-as-it-uses-weaker-than-expected-cryptographic-algorithms-that-could-allow-an-attacker-to-decrypt-highly-sensitive-in-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-cve-2021-44228-affects-power-hmc-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-supplier-lifecycle-mgmt-cve-2021-2336/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-2-0-apache-log4j-vulnerability-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-may-be-vulnerable-to-an-information-disclosure-when-using-the-load-utility-as-under-certain-circumstances-the-load-utility-does-not-enforce-directory-restricti-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-program-management-cve-2021-2334/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-apache-log4j-affect-the-ibm-websphere-application-server-and-ibm-websphere-application-server-liberty-cve-2021-4104-cve-2021-45046/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-5/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-addressed-in-ibm-spectrum-symphony/
- https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-affects-ibm-sterling-connectdirect-file-agent-cve-2021-4104/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-access-manager-has-fixed-a-vulnerability-in-the-log4j-library-shipped-with-the-product-cve-2021-4104/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-contract-management-cve-2021-2334/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-program-management-cve-2021-2336/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-exists-in-watson-explorer-cve-2021-44228-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-soar-is-using-a-component-with-known-vulnerabilities-elasticsearch-cve-2021-22144-cve-2021-22145-cve-2021-22147/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-addressed-in-ibm-spectrum-conductor/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-supplier-lifecycle-mgmt-cve-2021-2334/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-an-information-disclosure-as-a-result-of-a-connected-user-having-indirect-read-access-to-a-table-where-they-are-not-authorized-to-select-from-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-6/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-sourcing-cve-2021-2334/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-contract-management-cve-2021-2335/
- https://www.ibm.com/blogs/psirt/security-bulletin-websphere-cast-iron-and-app-connect-professional-are-affected-by-vulnerabilities-in-busybox-arpwatch-apr-acpid-augeas-firefox-ctdb/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-program-management-cve-2021-2335/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-7/
- https://www.ibm.com/blogs/psirt/security-bulletin-miscellaneous-security-vulnerabilities-in-ibm-spectrum-copy-data-management-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-78-14-0-esr-cve-2021-38493-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if14/
- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vulnerability-affects-ibm-emptoris-strategic-supply-management-platform-cve-2021-2336/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-user-elevated-privileges-due-to-allowing-modification-of-columns-of-existing-tasks-cve-2021-38926-3/
- https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-client-web-user-interface-and-ibm-spectrum-protect-for-virtual-environments-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-vulnerable-to-a-remote-code-execution-vulnerability-in-log4j2-component/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-plus-container-backup-and-restore-for-kubernetes-and-openshift-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-security-access-manager-for-enterprise-single-sign-on-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-protect-operations-center-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-spectrum-control-cve-2021-44228/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-websphere-application-server-shipped-with-ibm-websphere-remote-server-cve-2021-44228/