7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.156 Low
EPSS
Percentile
95.4%
There are multiple vulnerabilities identified within the Apache Log4j library used by a component of IBM Tivoli System Automation Application Manager. The fix includes Apache Log4j 2.17.0.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
IBM Tivoli System Automation Application Manager is impacted due to being dependent on IBM WebSphere Application Server which includes the vulnerable Apache Log4j version.
Affected Product(s) | Version(s) |
---|---|
IBM Tivoli System Automation Application Manager | 4.1 |
Remediate the vulnerability for IBM Tivoli System Automation Application Manager and address the Apache Log4j vulnerability in IBM WebSphere Application Server by following the details in the referenced security bulletin below.
Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
---|---|---|
IBM Tivoli System Automation Application Manager 4.1 |
4.1.0.1
| IBM WebSphere Application Server is vulnerable Apache Log4j vulnerabilities(CVE-2021-4104)
4.1.0.2
4.1.0.3
4.1.0.4
4.1.0.5
None
CPE | Name | Operator | Version |
---|---|---|---|
tivoli system automation application manager | eq | 4.1 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.156 Low
EPSS
Percentile
95.4%