Number: AV22-088
Date: 21 February 2022
Between 14 and 20 February 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM – Apache Log4j Vulnerability – multiple versions and platforms
- IBM Cloud Pak for Data Systems – versions 1.0 to 1.0.7.7
- IBM Integrated Analytics System – versions 1.0.0 to 1.0.27.0
- IBM Planning Analytics – versions prior to 2.0.9.11
- IBM Planning Analytics Workspace – versions prior to 2.0.72
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM – Apache Log4j Vulnerability
IBM Product Security Incident Response
Active Exploitation of Apache Log4j Vulnerability (AL21-019)