Number: AV22-028
Date: 17 January 2022
Between 10 and 16 January 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM – Apache Log4j Vulnerability – multiple versions and platforms
- IBM Data Risk Manager – version 2.0.6
- IBM HTTP Server – version 9.0
- IBM Planning Analytics – version 2.0
- IBM Planning Analytics Workspace – version 2.0
- IBM Cloud Transformation Advisor – version 2.5.1
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM – Apache Log4j Vulnerability
IBM Product Security Incident Response
Active Exploitation of Apache Log4j Vulnerability (AL21-019)