Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j

IBM Watson Discovery for IBM Cloud Pak for Data ships with versions of Apache Log4j vulnerable to serialization gadgets.

Affected product(s) and affected version(s):

Affected Product(s)Version(s)
ICP – Discovery2.0.0-2.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1288018

The post Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2GEzVCm