Security Bulletin: Vulnerabilities in Apache Commons and Log4j affect IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments
<p> Vulnerabilities in Apache Commons and Log4j, such as execution of arbitrary code on the system, man-in-the-middle attack, and information disclosure, could affect the IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments. UPDATED 1/29/2021: Added 7.1 fix for IBM Spectrum Protect for Virtual Environments: Data Protection for VMware UPDATED 5/8/2021: Updated Remediation/Fixes section to correct Platforms for Spectrum Protect Client 8.1 – AIX, Linux, and Windows only. </p>
<p> CVE(s): [/u], [u], Third Party Entry: 177835</p>
<p></
Affected product(s) and affected version(s):</p>
<table style="height: 132px;" border="1" width="728">
<tbody>
<tr style="height: 13px;">
<td style="height: 13px; width: 502.7px;"><strong>Affected Product(s)</strong></td>
<td style="height: 13px; width: 209.3px;"><strong>Version(s)</strong></td>
</tr>
<tr style="height: 18px;">
<td style="height: 18px; width: 502.7px;">IBM Spectrum Protect Client</td>
<td style="height: 18px; width: 209.3px;">8.1.0.0-8.1.10.0</td>
</tr>
<tr style="height: 26px;">
<td style="height: 26px; width: 502.7px;">IBM Spectrum Protect for Virtual Environments: Data Protection for VMware</td>
<td style="height: 26px; width: 209.3px;">8.1.0.0-8.1.10.0
7.1.0.0-7.1.8.9</td>
</tr>
<tr style="height: 26px;">
<td style="height: 26px; width: 502.7px;">IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V</td>
<td style="height: 26px; width: 209.3px;">8.1.0.0-8.1.10.0</td>
</tr>
</tbody>
</table>
</p>
<p> Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin:
X-Force Database:
X-Force Database: </p>
<p>The post appeared first on .</p>
[fixed][/fixed]
<p> CVE(s): [/u], [u], Third Party Entry: 177835</p>
<p></
Affected product(s) and affected version(s):</p>
<table style="height: 132px;" border="1" width="728">
<tbody>
<tr style="height: 13px;">
<td style="height: 13px; width: 502.7px;"><strong>Affected Product(s)</strong></td>
<td style="height: 13px; width: 209.3px;"><strong>Version(s)</strong></td>
</tr>
<tr style="height: 18px;">
<td style="height: 18px; width: 502.7px;">IBM Spectrum Protect Client</td>
<td style="height: 18px; width: 209.3px;">8.1.0.0-8.1.10.0</td>
</tr>
<tr style="height: 26px;">
<td style="height: 26px; width: 502.7px;">IBM Spectrum Protect for Virtual Environments: Data Protection for VMware</td>
<td style="height: 26px; width: 209.3px;">8.1.0.0-8.1.10.0
7.1.0.0-7.1.8.9</td>
</tr>
<tr style="height: 26px;">
<td style="height: 26px; width: 502.7px;">IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V</td>
<td style="height: 26px; width: 209.3px;">8.1.0.0-8.1.10.0</td>
</tr>
</tbody>
</table>
</p>
<p> Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin:
X-Force Database:
X-Force Database: </p>
<p>The post appeared first on .</p>
