Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is affected by arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)

Summary IBM QRadar SIEM is affected by arbitrary code execution due to Apache Log4j CVE-2019-17571, CVE-2021-44832, CVE-2021-4104. Apache Log4j is used by IBM QRadar SIEM as part of its logging infrastructure. The fix includes Apache Log4j 2.17.2 Vulnerability Details CVEID:CVE-2019-17571...

Security Bulletin: IBM Security Directory Integrator as shipped with IBM Security Directory Suite is affected by Apache Log4j vulnerability (CVE-2021-4104)

Summary The IBM Security Directory Integrator component of IBM Security Directory Server is affected by, but not vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4104. Apache Log4j is used as part of the logging infrastructure. IBM Security Directory Server has shipped an...

Exposure of Sensitive Information to an Unauthorized Actor in MongoDB Rust Driver

Specific MongoDB Rust Driver versions can include credentials used by the connection pool to authenticate connections in the monitoring event that is emitted when the pool is created. The user's logging infrastructure could then potentially ingest these events and unexpectedly leak the credential...

CVE-2021-20332

CVE-2021-20332 affects the MongoDB Rust Driver. The vulnerability arises because certain driver versions may emit monitoring events during pool creation that include credentials used to authenticate connections. If a user’s logging infrastructure ingests these events, credentials could be leaked....

CVE-2017-3317

Removed by vendor...