Number: AV22-212
Date: 19 April 2022
Between 11 and 17 April 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- App Connect Enterprise Certified Container – multiple versions
- Cloud APM – version 8.1.4
- Data Risk Manager – 2.0.6.12
- Db2 On Openshift – multiple versions
- Db2 and Db2 Warehouse on Cloud Pak for Data – multiple versions
- Informix Dynamic Server – versions 12.10 and 14.10
- Maximo for Civil Infrastructure – versions 7.6.2.1, 7.6.3 and 7.6.3.1
- Netezza Analytics – multiple versions and platforms
- Process Mining – 1.12.0.3
- Security Guardium – multiple versions
- Security SOAR – versions 26 to 44.1
- Sterling B2B Integrator – multiple versions
- Tivoli Netcool Impact – multiple versions
- Tivoli Network Manager – versions 4.2 to 4.2.0.13
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM Product Security Incident Response
IBM – Apache Log4j Vulnerability
Active Exploitation of Apache Log4j Vulnerability (AL21-019)
Spring remote code execution vulnerabilities (AL22-004)