After conducting extensive research on product code base, it is determined that all versions of****IBM Security Directory Integrator are**not **vulnerable to Java library Apache log4j v2 with JNDI exploit (CVE-2021-44228).

CPENameOperatorVersion
ibm security directory integratoreqany

CPE	Name	Operator	Version
	ibm security directory integrator	eq	any

ibm 46

threatpost 33

nessus 12

msrc 3

suse 1

githubexploit 53

impervablog 4

malwarebytes 1

thn 3

rapid7blog 8

hackerone 2

f5 1

metasploit 3

wallarmlab 2

qualysblog 1

packetstorm 2

kaspersky 1

nuclei 1

zdt 3

akamaiblog 1

mageia 1

ics 2

freebsd 2

openvas 6

redhat 1

osv 1

veracode 1

talosblog 1

trellix 1

trendmicroblog 1

amd 1

ibm

Security Bulletin: IBM Tivoli System Automation Application Manager is vulnerable to Apache Log4j vulnerability (CVE-2021-44228)

2021-12-21 06:32:09

Security Bulletin: IBM Unified Data Model for Healthcare is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

2021-12-30 18:29:29

Security Bulletin: Vulnerability in Apache Log4j addressed in IBM Spectrum Symphony

2022-01-07 15:43:37

threatpost

Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware

2022-02-09 21:56:49

Staff Think Conti Group Is a Legit Employer – Podcast

2022-03-14 21:50:45

NFT Investors Lose $1.7M in OpenSea Phishing Attack

2022-02-22 03:12:30

nessus

openSUSE 15 Security Update : logback (openSUSE-SU-2021:1613-1)

2021-12-25 00:00:00

Debian DLA-2842-1 : apache-log4j2 - LTS security update

2021-12-13 00:00:00

Amazon Linux AMI : log4j-cve-2021-44228-hotpatch (ALAS-2022-1601)

2022-06-16 00:00:00

msrc

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 08:00:00

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

2021-12-12 05:28:18

CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応

2021-12-12 08:00:00

suse

Security update for log4j (important)

2021-12-13 00:00:00

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

2022-03-03 17:18:43

Exploit for Deserialization of Untrusted Data in Apache Log4J

2021-12-14 16:42:45

Exploit for Improper Input Validation in Apache Log4J

2021-12-19 19:37:48

impervablog

5 Things We’ve Learned About CVE-2021-44228

2021-12-17 06:44:55

2021 in Review, Part 3: 5 Things Security Professionals Were Discussing this Year

2021-12-30 13:26:47

Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions

2021-12-14 22:55:49

malwarebytes

What SMBs can do to protect against Log4Shell attacks

2021-12-15 20:59:31

thn

Iranian Hackers Compromised a U.S. Federal Agency's Network Using Log4Shell Exploit

2022-11-17 06:22:00

China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

2021-12-22 11:53:00

Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware

2021-12-14 11:09:00

rapid7blog

Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale

2022-01-07 18:20:22

Sharing the Gifts of Cybersecurity – Or, a Lesson From My First Year Without Santa

2022-01-03 15:00:00

How InsightAppSec Detects Log4Shell: Your Questions Answered

2022-02-15 15:16:37

hackerone

Judge.me : Log4j RCE on https://judge.me/reviews

2021-12-15 10:30:12

U.S. Dept Of Defense: ███ ████████ running a vulnerable log4j

2021-12-31 00:55:49

K19026212 : Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228

2021-12-10 00:00:00

metasploit

Log4Shell HTTP Scanner

2021-12-15 13:45:24

MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)

2022-07-29 17:31:15

VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)

2022-01-12 20:34:45

wallarmlab

5 things you must know about Log4Shell

2021-12-11 01:22:39

Update on Log4Shell (CVE-2021-44228)

2021-12-10 20:22:36

qualysblog

Qualys Study Reveals How Enterprises Responded to Log4Shell

2022-03-18 13:00:00

packetstorm

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution

2022-01-20 00:00:00

AD Manager Plus 7122 Remote Code Execution

2023-04-03 00:00:00

kaspersky

KLA12396 RCE vulnerability in Microsoft Developer Tools

2021-12-16 00:00:00

nuclei

Apache Log4j2 Remote Code Injection

2021-12-11 19:26:50

zdt

Apache Log4j2 2.14.1 - Information Disclosure Exploit

2021-12-14 00:00:00

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit

2022-01-20 00:00:00

Intel Data Center Manager 5.1 Local Privilege Escalation Vulnerability

2022-12-10 00:00:00

akamaiblog

CVE-2021-44228 - Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)

2021-12-10 21:00:00

mageia

Updated log4j packages fix security vulnerability

2021-12-11 04:02:37

ics

Johnson Controls exacq Enterprise Manager

2021-12-23 12:00:00

Karakurt Data Extortion Group

2023-12-12 12:00:00

freebsd

bastillion -- log4j vulnerability

2021-12-10 00:00:00

serviio -- affected by log4j vulnerability

2021-12-13 00:00:00

openvas

Ubuntu: Security Advisory (USN-5192-2)

2022-08-26 00:00:00

Fedora: Security Advisory for jansi (FEDORA-2021-66d6c484f3)

2021-12-23 00:00:00

Apache Struts 2.5.x Log4j RCE Vulnerability (Log4Shell) - Version Check

2021-12-13 00:00:00

redhat

(RHSA-2021:5133) Critical: Red Hat AMQ Streams 1.6.5 release and security update

2021-12-14 21:09:18

osv

Critical vulnerability in log4j may affect generated PEAR projects

2021-12-16 21:01:51

veracode

Remote Code Execution (RCE)

2021-12-10 15:09:45

talosblog

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

2024-02-21 13:54:48

trellix

Log4J and The Memory That Knew Too Much

2022-01-19 00:00:00

trendmicroblog

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

2021-12-13 00:00:00

amd

AMD Response to Log4j (Log4Shell) Vulnerability

2021-12-15 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON

Related for 8968C94B71BE086C952CFA8BF1B1924C1CF6FFECA8B8864B828E68AABA1D96E8