IBM security advisory

Number: AV22-001
Date: 4 January 2022

Between 29 December 2021 and 3 January 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:

  • IBM – Apache Log4j Vulnerability – multiple versions and platforms

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.

IBM – Apache Log4j Vulnerability
https://www.ibm.com/blogs/psirt/an–update–on–the–apache–log4j–cve–2021–44228–vulnerability/

IBM Product Security Incident Response
https://www.ibm.com/blogs/psirt/

Active Exploitation of Apache Log4j Vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. (AL21-019)
https://cyber.gc.ca/en/alerts/active-exploitation-apache-log4j-vulnerability

 

Date modified: