Number: AV22-074
Date: 14 February 2022
Between 7 and 13 February 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM – Apache Log4j Vulnerability – multiple versions and platforms
- IBM Cloud Object Storage Systems – version 3.16.3.36 and prior
- IBM Cloud Private – multiple versions
- IBM Rational Build Forge – versions 8.0 to 8.0.0.20
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.
IBM – Apache Log4j Vulnerability
IBM Product Security Incident Response
Active Exploitation of Apache Log4j Vulnerability (AL21-019)