Please watch this page: https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
IBM is actively working on a this. Del ---------------------------------------------------- "ADSM: Dist Stor Manager" <ADSM-L@VM.MARIST.EDU> wrote on 12/12/2021 01:31:46 AM: > From: "Bommasani, Venu" <venu.bommas...@capgemini.com> > To: ADSM-L@VM.MARIST.EDU > Date: 12/12/2021 01:32 AM > Subject: [EXTERNAL] Any impact on SP client with security > vulnerability: CVE-2021-44228 > Sent by: "ADSM: Dist Stor Manager" <ADSM-L@VM.MARIST.EDU> > > Hello All, > > Our security Team reported below file as vulnerability with > reference of CVE-2021-44228 on Linux servers. > > /opt/tivoli/tsm/client/ba/bin/plugins/vcloudsuite/sdk/log4j-1.2.17.jar > > We haven't received any information from IBM yet under a Sev1 > ticket, But as per Support Team this recent vulnerability > CVE-2021-44228 is still being investigated. > > Does any one has any idea ? remediation ? > > Since vulnerability CVE-2021-44228 treated as Critical, We are > proceeding with removing file directly from all Linux servers. > > Best Regards, > _____________________________________________ > Venu Bommasani > Storage & Data Protection > Mobile: +91 7795213309 / venu.bommas...@capgemini.com< > mailto:venu.bommas...@capgemini.com> > This message contains information that may be privileged or > confidential and is the property of the Capgemini Group. It is > intended only for the person to whom it is addressed. If you are not > the intended recipient, you are not authorized to read, print, > retain, copy, disseminate, distribute, or use this message or any > part thereof. If you receive this message in error, please notify > the sender immediately and delete all copies of this message.
