IBM Sterling External Authentication Server is vulnerable to arbitrary code execution due to Apache Log4j, which is used for logging (CVE-2021-44832). The fix includes Apache Log4j 2.17.1.
CVEID: CVE-2021-44832
**DESCRIPTION:** Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI, an attacker could exploit this vulnerability to execute remote code.
CVSS Base score: 6.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/216189 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Sterling External Authentication Server | 6.0.3 |
IBM Sterling External Authentication Server | 6.0.2 |
IBM strongly recommends addressing the vulnerability now.
Product | VRMF | iFix | Remediation |
---|---|---|---|
IBM Sterling External Authentication Server | 6.0.3 | iFix 01 Plus Build 141 | Fix Central - 6030 |
IBM Sterling External Authentication Server | 6.0.2 | iFix 04 Plus Build 214 | Fix Central - 6020 |
The Fix Central - 6030 link points to a fix called SSP-SEAS-log4j-2.17.1-jars-for-CVE-2021-44832 which supplies the jars and instructions to replace them. This fix remediates CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832.
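As an added example (not part of the IBM bulletin and not the product's own code), a Python check that covers both the mechanism described above and the jar replacement the fix performs: it lists any JDBC Appender whose DataSource is resolved through JNDI so the configuration can be reviewed, and lists any log4j-core jar whose version is below 2.17.1. The jar names and the Log4j configuration are constructed samples.

```python
import re
import xml.etree.ElementTree as ET

# Log4j release that carries the CVE-2021-44832 fix, per the bulletin.
FIXED_VERSION = (2, 17, 1)
_JAR_RE = re.compile(r"^log4j-core-(\d+(?:\.\d+)+)\.jar$")


def version_tuple(version):
    """'2.17.0' -> (2, 17, 0), so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def outdated_log4j_jars(jar_names):
    """Return the log4j-core jar names whose version is below 2.17.1.
    Other jars (log4j-api, application jars) are ignored: only log4j-core
    contains the JDBC Appender implementation."""
    outdated = []
    for name in jar_names:
        match = _JAR_RE.match(name)
        if match and version_tuple(match.group(1)) < FIXED_VERSION:
            outdated.append(name)
    return outdated


def jndi_datasources(config_xml):
    """Return (appender name, jndiName) for every JDBC Appender whose
    DataSource is looked up via JNDI, the configuration shape the
    bulletin describes. Each hit should be reviewed by an administrator."""
    root = ET.fromstring(config_xml)
    hits = []
    for appender in root.iter("JDBC"):
        for ds in appender.iter("DataSource"):
            hits.append((appender.get("name"), ds.get("jndiName")))
    return hits


# Constructed sample inputs (not taken from a real installation).
SAMPLE_JARS = ["log4j-api-2.17.1.jar", "log4j-core-2.17.0.jar", "seas.jar"]
SAMPLE_CONFIG = """<Configuration status="warn">
  <Appenders>
    <Console name="stdout"><PatternLayout pattern="%m%n"/></Console>
    <JDBC name="audit" tableName="audit_log">
      <DataSource jndiName="java:comp/env/jdbc/AuditDS"/>
      <Column name="message" pattern="%m"/>
    </JDBC>
  </Appenders>
  <Loggers><Root level="info"><AppenderRef ref="stdout"/></Root></Loggers>
</Configuration>"""

if __name__ == "__main__":
    print("log4j-core jars below 2.17.1:", outdated_log4j_jars(SAMPLE_JARS))
    print("JDBC appenders using a JNDI DataSource:", jndi_datasources(SAMPLE_CONFIG))
```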
None
CPE | Name | Operator | Version |
---|---|---|---|
| | ibm sterling secure proxy | eq | 6.0.3 |
| | ibm sterling secure proxy | eq | 6.0.2 |