1,126
edits
Difference between revisions of "Apache Log4j & CMOD ODWEK ICN"
Apache Log4j & CMOD ODWEK ICN (view source)
Revision as of 16:06, 11 December 2021
, 16:06, 11 December 2021Minor cleanups on the whole article.
m (Updated for CMOD v9.5 and v9.0) |
m (Minor cleanups on the whole article.) |
||
| Line 1: | Line 1: | ||
{{TOCright}} | {{TOCright}} | ||
This article discusses IBM Content Manager OnDemand (CMOD), the OnDemand Web Enablement Kit (ODWEK), IBM Content Navigator (ICN) and the Apache Log4j library, for which a Remote Code Execution (RCE) vulnerability is actively being exploited, which can give attackers control of the affected servers. | This article discusses IBM Content Manager OnDemand (CMOD), the OnDemand Web Enablement Kit (ODWEK), IBM Content Navigator (ICN) and the Apache Log4j library, for which a Remote Code Execution (RCE) vulnerability is actively being exploited, which can give attackers elevated access, or effective control of the affected servers. | ||
'''Please upgrade as soon as possible, this vulnerability is being actively exploited on publicly facing systems.''' | '''Please upgrade as soon as possible, this vulnerability is being actively exploited on publicly facing systems.''' | ||
This issue has been assigned the following designation: CVE-2021-44228 | This issue has been assigned the following designation: CVE-2021-44228 | ||
Download the latest version here: [https://logging.apache.org/log4j/2.x/download.html Apache Log4j] | |||
== Announcements == | == Announcements == | ||