10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
99.9%
Log4j is used by IBM Watson Explorer to log system events for diagnostics. This bulletin provides a remediation for the vulnerability, CVE-2021-44228 by upgrading Watson Explorer and thus addressing the exposure to the log4j vulnerability.
CVEID:CVE-2021-44228
**DESCRIPTION:**Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features. By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system. Note: The vulnerability is also called Log4Shell or LogJam.
CVSS Base score: 10
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/214921 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Watson Explorer Deep Analytics Edition Foundational Components |
12.0.0.0,
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.7
IBM Watson Explorer Deep Analytics Edition Analytical Components|
12.0.0.0,
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.7
IBM Watson Explorer Deep Analytics Edition oneWEX|
12.0.0.0, 12.0.0.1,
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.7
IBM Watson Explorer Foundational Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 -
11.0.2.11
IBM Watson Explorer Analytical Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 -
11.0.2.11
Affected Product | Affected Versions | How to acquire and apply the fix |
---|---|---|
IBM Watson Explorer DAE | ||
Foundational Components |
12.0.0.0,
12.0.1,
12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7
|
Query Modifier service is affected by this vulnerability. If Query Modifier service is installed (see Installing Query Modifier), please follow the steps below.
1. Stop Query Modifier service if it is running
* Linux: Run /etc/init.d/querymodifier stop
* Windows: Open the Service window, choose the Query Modifier Service, and click the Stop Service button.
2. Navigate to <install_dir>/Engine/nlq
3. Rename querymodifier.jar to querymodifier.jar.bak
4. Copy the downloaded querymodifier.jar to <install_dir>/Engine/nlq
5. Run install command
* Linux: querymodifier-install.sh
* Windows: querymodifier-install.ps1
6. Start Query Modifier service if you use the service
* Linux: Run /etc/init.d/querymodifier start
* Windows: Open the Service window, choose the Query Modifier Service, and click the Start Service button.
IBM Watson Explorer Deep Analytics Edition Analytical Components| 12.0.0.0, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7|
Natural Language Query service is affected by this vulnerability. Please follow the steps below.
1. Stop Natural Language Query service if it is running
esadmin nlqservice.node1 stop
The service name might be such as nlqservice.node2 when using a distributed environment.
2. Navigate to <install_dir>/lib
3. Rename querymodifier.jar to querymodifier.jar.bak
4. Copy the downloaded querymodifier.jar to <install_dir>/lib
5. Start Natural Language Query service if you use the service
esadmin nlqservice.node1 start
IBM Watson Explorer Deep Analytics Edition oneWEX| 12.0.0.0, 12.0.0.1, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7|
Upgrade to Version 12.0.3.8.
See Watson Explorer Version 12.0.3.8 oneWEX for download information and instructions.
IBM Watson Explorer
Foundational Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 -
11.0.2.11|
Query Modifier service is affected by this vulnerability. If Query Modifier service is installed (see Installing Query Modifier), please follow the steps below.
1. Stop Query Modifier service if it is running
* Linux: Run /etc/init.d/querymodifier stop
* Windows: Open the Service window, choose the Query Modifier Service, and click the Stop Service button.
2. Navigate to <install_dir>/Engine/nlq
3. Rename querymodifier.jar to querymodifier.jar.bak
4. Copy the downloaded querymodifier.jar to <install_dir>/Engine/nlq
5. Run install command
* Linux: querymodifier-install.sh
* Windows: querymodifier-install.ps1
6. Start Query Modifier service if you use the service
* Linux: Run /etc/init.d/querymodifier start
* Windows: Open the Service window, choose the Query Modifier Service, and click the Start Service button.
IBM Watson Explorer Analytical Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 -
11.0.2.11|
Natural Language Query service is affected by this vulnerability. Please follow the steps below.
1. Stop Natural Language Query service if it is running
esadmin nlqservice.node1 stop
The service name might be such as nlqservice.node2 when using a distributed environment.
2. Navigate to <install_dir>/lib
3. Rename querymodifier.jar to querymodifier.jar.bak
4. Copy the downloaded querymodifier.jar to <install_dir>/lib
5. Start Natural Language Query service if you use the service
esadmin nlqservice.node1 start
None
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
99.9%