Number: AV22-139
Date: 21 March 2022

Between 14 and 20 March 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:

  • IBM – Apache Log4j Vulnerability – multiple versions and platforms
  • IBM Cloud Automation Manager – version 4.2.0.1
  • IBM Control Center – version 6.1.3 and 6.2.0.0
  • IBM Netezza Performance Portal – versions prior to 2.1.1.12
  • IBM Spectrum Protect Operations Center – version 8.1.0.000 to 8.1.13.300
  • IBM Spectrum Protect for Virtual Environments – multiple platforms, version 8.1.0.0 to 8.1.13.3
  • IBM Spectrum Protect for Workstations Central Administration Console – version 8.1.0.0 to 8.1.2.3
  • IBM Tivoli Netcool/OMNIbus Integrations – Probe DSL Factory Framework
  • Tivoli Composite Application Manager for Application Diagnostics – version 7.1.0
  • IBM TRIRIGA – version 4.0
  • IBM TRIRIGA Application Platform – version 3.8
  • Websphere Application Server – v8.5 and v9

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

IBM – Apache Log4j Vulnerability

IBM Product Security Incident Response

Active Exploitation of Apache Log4j Vulnerability (AL21-019)
 



Source link