Lucene search

K
ibmIBM519FF26BE329CC59BFF47E2AAC0D4B73FCA35BCF836D736A007D121863323E8C
HistoryDec 17, 2021 - 5:30 p.m.

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

2021-12-1717:30:47
www.ibm.com
73

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

Summary

Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

Vulnerability Details

Please refer to the Flash Alert published here:
<https://www.ibm.com/support/pages/node/6527936&gt;

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important
product support alerts like this.

Off

Related Information

[IBM Secure Engineering Web Portal](http://www.ibm.com/security/secure-
engineering/bulletins.html)
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an “industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response.” IBM PROVIDES THE CVSS SCORES ““AS IS”” WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document Location

Worldwide

[{“Type”:“MASTER”,“Line of
Business”:{“code”:“LOB45”,“label”:“Automation”},“Business
Unit”:{“code”:“BU059”,“label”:“IBM Software w/o
TPS”},“Product”:{“code”:“SS2MKC”,“label”:“IBM Blueworks Live”},“ARM
Category”:[{“code”:“a8m50000000L2DTAA0”,“label”:“DevOps-\u003EServer
Issues”}],“Platform”:[{“code”:“PF025”,“label”:“Platform
Independent”}],“Version”:“All Versions”}]

Product Synonym

blueworkslive

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

Related for 519FF26BE329CC59BFF47E2AAC0D4B73FCA35BCF836D736A007D121863323E8C