Number: AV22-044
Date: 31 January 2022
Between 24 and 30 January 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM – Apache Log4j Vulnerability – multiple versions and platforms
- Cloud Pak for Security (CP4S) – versions 1.7.2.0, 1.8.0.0 and 1.8.1.0
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.
IBM – Apache Log4j Vulnerability
IBM Product Security Incident Response
Active Exploitation of Apache Log4j Vulnerability (AL21-019)