Number: AV22-105
Date: 28 February 2022
Between 21 and 27 February 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM – Apache Log4j Vulnerability – multiple versions and platforms
- IBM Cloud Pak for Data System – versions 2.0.0.0 to 2.0.1.1
- IBM HTTP Server – multiple versions
- IBM Netezza for Cloud Pak for Data – versions 11.1.0.0 to 11.2.1.3
- IBM Planning Analytics – version 2.0
- IBM Planning Analytics Workspace – version 2.0
- IBM WebSphere Application Server Liberty – versions 17.0.0.3 to 22.0.0.2
- IBM WebSphere Application Server – multiple versions
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM – Apache Log4j Vulnerability
IBM Product Security Incident Response
Active Exploitation of Apache Log4j Vulnerability (AL21-019)